自動更新

Security & Compliance Agent Skills

Security & Compliance 分野のワークフローを coding agent に導入できます。

699件の Skill
23出典
602Low risk
Jul 13更新日時
40 件の Skill
自動更新
p

postgresql-code-review

Security & Compliance

PostgreSQL-specific code review assistant focusing on PostgreSQL best practices, anti-patterns, and unique quality standards. Covers JSONB operations, array usage, custom types, schema design, function optimization, and PostgreSQL-exclusive security features like Row Level Security (RLS).

github/awesome-copilot·MIT·Agent Skills
low100品質
p

power-bi-model-design-review

Security & Compliance

Comprehensive Power BI data model design review prompt for evaluating model architecture, relationships, and optimization opportunities.

github/awesome-copilot·MIT·Agent Skills
low100品質
q

qdrant-monitoring-setup

Security & Compliance

Guides Qdrant monitoring setup including Prometheus scraping, health probes, Hybrid Cloud metrics, alerting, and log centralization. Use when someone asks 'how to set up monitoring', 'Prometheus config', 'Grafana dashboard', 'health check endpoints', 'how to scrape Hybrid Cloud', 'what alerts to set', 'how to centralize logs', or 'audit logging'.

github/awesome-copilot·MIT·Agent Skills
low100品質
r

resemble-detect

Security & Compliance

Deepfake detection and media safety — detect AI-generated audio, images, video, and text, trace synthesis sources, apply watermarks, verify speaker identity, and analyze media intelligence using Resemble AI

github/awesome-copilot·Apache-2.0·Agent SkillsRequires a Resemble AI API key (https://app.resemble.ai) set as RESEMBLE_API_KEY. All media must be accessible via public HTTPS URLs — local file paths are not supported except for text detection.
high100品質
t

threat-model-analyst

Security & Compliance

Full STRIDE-A threat model analysis and incremental update skill for repositories and systems. Supports two modes: (1) Single analysis — full STRIDE-A threat model of a repository, producing architecture overviews, DFD diagrams, STRIDE-A analysis, prioritized findings, and executive assessments. (2) Incremental analysis — takes a previous threat model report as baseline, compares the codebase at the latest (or a given commit), and produces an updated report with change tracking (new, resolved, still-present threats), STRIDE heatmap, findings diff, and an embedded HTML comparison. Only activate when the user explicitly requests a threat model analysis, incremental update, or invokes /threat-model-analyst directly.

github/awesome-copilot·MIT·Agent Skills
low100品質
u

update-avm-modules-in-bicep

Security & Compliance

Update Azure Verified Modules (AVM) to latest versions in Bicep files.

github/awesome-copilot·MIT·Agent Skills
low100品質
a

agent-owasp-compliance

Security & Compliance

Check any AI agent codebase against the OWASP Agentic Security Initiative (ASI) Top 10 risks. Use this skill when: - Evaluating an agent system's security posture before production deployment - Running a compliance check against OWASP ASI 2026 standards - Mapping existing security controls to the 10 agentic risks - Generating a compliance report for security review or audit - Comparing agent framework security features against the standard - Any request like "is my agent OWASP compliant?", "check ASI compliance", or "agentic security audit"

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
high100品質
a

agent-supply-chain

Security & Compliance

Verify supply chain integrity for AI agent plugins, tools, and dependencies. Use this skill when: - Generating SHA-256 integrity manifests for agent plugins or tool packages - Verifying that installed plugins match their published manifests - Detecting tampered, modified, or untracked files in agent tool directories - Auditing dependency pinning and version policies for agent components - Building provenance chains for agent plugin promotion (dev → staging → production) - Any request like "verify plugin integrity", "generate manifest", "check supply chain", or "sign this plugin"

github/awesome-copilot·MIT·Agent SkillsClaude Code
low100品質
a

Design and implement Arduino integration with Azure IoT Hub and IoT Edge, including secure provisioning, resilient telemetry, command handling, and production guardrails.

github/awesome-copilot·MIT·Agent Skills
low100品質
a

audit-integrity

Security & Compliance

Shared audit integrity framework for all AppSec agents — enforces output quality, intellectual honesty, and continuous improvement through anti-rationalization guards, self-critique loops, retry protocols, non-negotiable behaviors, self-reflection quality gates (1-10 scoring, ≥8 threshold), and a self-learning system with lesson/memory governance for security analysis agents.

github/awesome-copilot·MIT·Agent SkillsCross-platform. Works with any language or framework analyzed by AppSec agents.
low100品質
a

aws-well-architected-review

Security & Compliance

Perform an AWS Well-Architected Framework review of the current workload IaC and architecture, generating findings and GitHub issues for improvements.

github/awesome-copilot·MIT·Agent Skills
low100品質
a

azure-resource-health-diagnose

Security & Compliance

Analyze Azure resource health, diagnose issues from logs and telemetry, and create a remediation plan for identified problems.

github/awesome-copilot·MIT·Agent Skills
low100品質
b

breakdown-epic-pm

Security & Compliance

Prompt for creating an Epic Product Requirements Document (PRD) for a new epic. This PRD will be used as input for generating a technical architecture specification.

github/awesome-copilot·MIT·Agent Skills
low100品質
b

breakdown-feature-prd

Security & Compliance

Prompt for creating Product Requirements Documents (PRDs) for new features, based on an Epic.

github/awesome-copilot·MIT·Agent Skills
low100品質
c

Create a formal specification for an existing GitHub Actions CI/CD workflow, optimized for AI consumption and workflow maintenance.

github/awesome-copilot·MIT·Agent Skills
low100品質
d

data-breach-blast-radius

Security & Compliance

Pre-breach impact analysis: inventories sensitive data (PII, PHI, PCI-DSS, credentials), traces data flows, scores exposure vectors, and produces a regulatory blast radius report with fine ranges sourced verbatim from GDPR Art. 83, CCPA § 1798.155(a), and HIPAA 45 CFR § 160.404. Cost benchmarks from IBM Cost of a Data Breach Report (annually updated). All citations in references/SOURCES.md for verification. Use when asked: "assess breach impact", "what data could be exposed", "calculate blast radius", "data exposure analysis", "how bad would a breach be", "quantify data risk", "sensitive data inventory", "data flow security audit", "pre-breach assessment", "worst-case breach scenario", "breach readiness", "data risk report", "/data-breach-blast-radius". For any stack handling user data, health records, or financial information. Output labels law-sourced figures (exact) vs heuristic estimates (planning only). Does not replace legal counsel.

github/awesome-copilot·MIT·Agent Skills
high100品質
d

declarative-agents

Security & Compliance

Complete development kit for Microsoft 365 Copilot declarative agents with three comprehensive workflows (basic, advanced, validation), TypeSpec support, and Microsoft 365 Agents Toolkit integration

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
low100品質
d

dotnet-best-practices

Security & Compliance

Ensure .NET/C# code meets best practices for the solution/project.

github/awesome-copilot·MIT·Agent Skills
low100品質
d

doublecheck

Security & Compliance

Three-layer verification pipeline for AI output. Extracts verifiable claims, finds supporting or contradicting sources via web search, runs adversarial review for hallucination patterns, and produces a structured verification report with source links for human review.

github/awesome-copilot·MIT·Agent Skills
low100品質
f

fabric-lakehouse

Security & Compliance

Use this skill to get context about Fabric Lakehouse and its features for software systems and AI-powered functions. It offers descriptions of Lakehouse data components, organization with schemas and shortcuts, access control, and code examples. This skill supports users in designing, building, and optimizing Lakehouse solutions using best practices.

github/awesome-copilot·MIT·Agent Skills
low100品質
f

Govern Power Automate flows and Power Apps at scale using the FlowStudio MCP cached store. Classify flows by business impact, detect orphaned resources, audit connector usage, enforce compliance standards, manage notification rules, and compute governance scores — all without Dataverse or the CoE Starter Kit. Load this skill when asked to: tag or classify flows, set business impact, assign ownership, detect orphans, audit connectors, check compliance, compute archive scores, manage notification rules, run a governance review, generate a compliance report, offboard a maker, or any task that involves writing governance metadata to flows. Requires a FlowStudio for Teams or MCP Pro+ subscription — see https://mcp.flowstudio.app

github/awesome-copilot·MIT·Agent Skills
low100品質
f

Pro+ subscription required. Tenant-wide Power Automate monitoring using the FlowStudio MCP cached store: failure rates, run-health trends, maker/app inventory, inactive owners, and compliance/health reports. Use only for aggregated tenant views. For one environment, one flow, run control, or root-cause debugging, use flowstudio-power-automate-mcp, flowstudio-power-automate-debug, or the server monitor-flow bundle. Requires FlowStudio for Teams or MCP Pro+.

github/awesome-copilot·MIT·Agent Skills
low100品質
g

gdpr-compliant

Security & Compliance

Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing logging, handling user data, writing retention/deletion jobs, designing cloud infrastructure, or reviewing pull requests for privacy compliance. Trigger this skill for any task involving personal data, user accounts, cookies, analytics, emails, audit logs, encryption, pseudonymization, anonymization, data exports, breach response, CI/CD pipelines that process real data, or any question framed as "is this GDPR-compliant?". Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.

github/awesome-copilot·MIT·Agent Skills
medium100品質
g

git-flow-branch-creator

Security & Compliance

Intelligent Git Flow branch creator that analyzes git status/diff and creates appropriate branches following the nvie Git Flow branching model.

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
low100品質

用途と Coding Agent から Skill を探す

Codex、Claude Code、GitHub Copilot、Cursor、Gemini CLI 向けの出典付き Skill を探せます。