自動更新

Security & Compliance Agent Skills

Security & Compliance 分野のワークフローを coding agent に導入できます。

699件の Skill
23出典
602Low risk
Jul 13更新日時
40 件の Skill
自動更新
63推奨

Govern Power Automate flows and Power Apps at scale using the FlowStudio MCP cached store. Classify flows by business impact, detect orphaned resources, audit connector usage, enforce compliance standards, manage notification rules, and compute governance scores — all without Dataverse or the CoE Starter Kit. Load this skill when asked to: tag or classify flows, set business impact, assign ownership, detect orphans, audit connectors, check compliance, compute archive scores, manage notification rules, run a governance review, generate a compliance report, offboard a maker, or any task that involves writing governance metadata to flows. Requires a FlowStudio for Teams or MCP Pro+ subscription — see https://mcp.flowstudio.app

github/awesome-copilot·MIT·Agent Skills
low100品質
63推奨

Pro+ subscription required. Tenant-wide Power Automate monitoring using the FlowStudio MCP cached store: failure rates, run-health trends, maker/app inventory, inactive owners, and compliance/health reports. Use only for aggregated tenant views. For one environment, one flow, run control, or root-cause debugging, use flowstudio-power-automate-mcp, flowstudio-power-automate-debug, or the server monitor-flow bundle. Requires FlowStudio for Teams or MCP Pro+.

github/awesome-copilot·MIT·Agent Skills
low100品質
63推奨

impediment-prioritization

Security & Compliance

Ranks any list of impediments and their countermeasures using a value-stream scoring model (ROI, Cost to Implement, Ease of Deployment, Risk Factor) and a fixed prioritization formula. Use when someone asks to prioritize, rank, sequence, or triage impediments, countermeasures, remediation items, risks, findings, gaps, action items, or backlog entries; or mentions value-stream prioritization, A3 / lean countermeasure ranking, ROI vs. effort scoring, or building a remediation / improvement backlog. Works with GHQR findings, audit results, retrospective action items, risk registers, architecture review gaps, or any free-form `{impediment, countermeasure}` list.

github/awesome-copilot·MIT·Agent Skills
low100品質
60推奨

gdpr-compliant

Security & Compliance

Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing logging, handling user data, writing retention/deletion jobs, designing cloud infrastructure, or reviewing pull requests for privacy compliance. Trigger this skill for any task involving personal data, user accounts, cookies, analytics, emails, audit logs, encryption, pseudonymization, anonymization, data exports, breach response, CI/CD pipelines that process real data, or any question framed as "is this GDPR-compliant?". Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.

github/awesome-copilot·MIT·Agent Skills
medium100品質
59推奨

resemble-detect

Security & Compliance

Deepfake detection and media safety — detect AI-generated audio, images, video, and text, trace synthesis sources, apply watermarks, verify speaker identity, and analyze media intelligence using Resemble AI

github/awesome-copilot·Apache-2.0·Agent SkillsRequires a Resemble AI API key (https://app.resemble.ai) set as RESEMBLE_API_KEY. All media must be accessible via public HTTPS URLs — local file paths are not supported except for text detection.
high100品質
58推奨

data-breach-blast-radius

Security & Compliance

Pre-breach impact analysis: inventories sensitive data (PII, PHI, PCI-DSS, credentials), traces data flows, scores exposure vectors, and produces a regulatory blast radius report with fine ranges sourced verbatim from GDPR Art. 83, CCPA § 1798.155(a), and HIPAA 45 CFR § 160.404. Cost benchmarks from IBM Cost of a Data Breach Report (annually updated). All citations in references/SOURCES.md for verification. Use when asked: "assess breach impact", "what data could be exposed", "calculate blast radius", "data exposure analysis", "how bad would a breach be", "quantify data risk", "sensitive data inventory", "data flow security audit", "pre-breach assessment", "worst-case breach scenario", "breach readiness", "data risk report", "/data-breach-blast-radius". For any stack handling user data, health records, or financial information. Output labels law-sourced figures (exact) vs heuristic estimates (planning only). Does not replace legal counsel.

github/awesome-copilot·MIT·Agent Skills
high100品質
57推奨

agent-owasp-compliance

Security & Compliance

Check any AI agent codebase against the OWASP Agentic Security Initiative (ASI) Top 10 risks. Use this skill when: - Evaluating an agent system's security posture before production deployment - Running a compliance check against OWASP ASI 2026 standards - Mapping existing security controls to the 10 agentic risks - Generating a compliance report for security review or audit - Comparing agent framework security features against the standard - Any request like "is my agent OWASP compliant?", "check ASI compliance", or "agentic security audit"

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
high100品質
56推奨

web-design-guidelines

Security & Compliance

Review UI code for Web Interface Guidelines compliance. Use when asked to "review my UI", "check accessibility", "audit design", "review UX", or "check my site against best practices".

vercel-labs/agent-skills·NOASSERTION·Agent Skills
low90品質
56推奨

writing-guidelines

Security & Compliance

Review docs/prose for Writing Guidelines compliance. Use when asked to "review my docs", "check writing style", "audit prose", "review docs voice and tone", or "check this page against the writing handbook".

vercel-labs/agent-skills·NOASSERTION·Agent Skills
low90品質
37推奨

publish-public

Security & Compliance

Ensure Tessl plugins meet all requirements for public registry publication with comprehensive validation. Use when publishing skills to public registry, validating .tessl-plugin/plugin.json configuration, creating evaluation scenarios, checking quality thresholds (A-grade >=108/120), or preparing plugins for release. Validates eval scenario coverage, plugin.json fields (name, version, private, description, skills), agent-agnostic compliance, and publication readiness.

pantheon-org/tekhne·MIT·Agent Skills
low85品質
37推奨

vault-consolidate

Security & Compliance

Propose or apply consolidation of episodic memories into semantic ones, combining related episodic captures into higher-level semantic summary notes. Use after a long session or when the user asks to clean up, organise, summarise, merge, or declutter memories, or requests memory cleanup or memory management. Always run --propose first so the user can review before --apply commits changes to the vault.

pantheon-org/tekhne·MIT·Agent Skills
low85品質
34推奨

metagit-release-audit

Security & Compliance

Mandatory before calling work complete when the session changed repo files. Runs format, lint, tests, integration tests, context-aware pip-audit/bandit, and optional gitleaks via task qa:prepush. Use before push, release, or hand-off.

metagit-ai/metagit-cli·MIT·Agent Skills
low85品質
34推奨

nika-operating

Security & Compliance

Operate Nika workflows day-2 — spend caps, permits boundaries, secrets, model swaps (cloud/local), CI wiring, trace export. Use when hardening a working workflow for production, wiring it into CI or a scheduler, capping cost, tightening the permits boundary, swapping models, or exporting traces to OpenTelemetry.

supernovae-st/nika-agents·GPL-3.0·Agent Skills
low85品質
34推奨

metagit-release-audit

Security & Compliance

Mandatory before calling work complete when the session changed repo files. Runs format, lint, tests, integration tests, context-aware pip-audit/bandit, and optional gitleaks via task qa:prepush. Use before push, release, or hand-off.

metagit-ai/metagit-cli·MIT·Agent Skills
low85品質
34推奨

metagit-release-audit

Security & Compliance

Mandatory before calling work complete when the session changed repo files. Runs format, lint, tests, integration tests, context-aware pip-audit/bandit, and optional gitleaks via task qa:prepush. Use before push, release, or hand-off.

metagit-ai/metagit-cli·MIT·Agent Skills
low85品質
33推奨

create-context

Security & Compliance

Create baseline context from .context/session/in/ folder with manifest-driven organization (run once per project). Use when bootstrapping project context, setting up .context/session/ctx/ snapshot. Triggers include "create context", "bootstrap context", "setup context", "init context".

pantheon-org/tekhne·MIT·Agent SkillsClaude Code
medium85品質

用途と Coding Agent から Skill を探す

Codex、Claude Code、GitHub Copilot、Cursor、Gemini CLI 向けの出典付き Skill を探せます。