自动定期更新

Security & Compliance Agent Skill

浏览 Security & Compliance 类工作流,并导入 Codex、Claude Code、Cursor 等 coding agent。

1217个 Skill
39出处
1072Low risk
Jul 13更新时间
61 个 Skill
自动定期更新
66推荐

audit-integrity

Security & Compliance

Shared audit integrity framework for all AppSec agents — enforces output quality, intellectual honesty, and continuous improvement through anti-rationalization guards, self-critique loops, retry protocols, non-negotiable behaviors, self-reflection quality gates (1-10 scoring, ≥8 threshold), and a self-learning system with lesson/memory governance for security analysis agents.

github/awesome-copilot·MIT·Agent SkillsCross-platform. Works with any language or framework analyzed by AppSec agents.
low100质量分
66推荐

declarative-agents

Security & Compliance

Complete development kit for Microsoft 365 Copilot declarative agents with three comprehensive workflows (basic, advanced, validation), TypeSpec support, and Microsoft 365 Agents Toolkit integration

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
low100质量分
66推荐

git-flow-branch-creator

Security & Compliance

Intelligent Git Flow branch creator that analyzes git status/diff and creates appropriate branches following the nvie Git Flow branching model.

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
low100质量分
66推荐

gtm-positioning-strategy

Security & Compliance

Find and own a defensible market position. Use when messaging sounds like competitors, conversion is weak despite awareness, repositioning a product, or testing positioning claims. Includes Crawl-Walk-Run rollout methodology and the word change that improved enterprise deal progression.

github/awesome-copilot·MIT·Agent SkillsGitHub Copilot
low100质量分
65推荐

postgresql-code-review

Security & Compliance

PostgreSQL-specific code review assistant focusing on PostgreSQL best practices, anti-patterns, and unique quality standards. Covers JSONB operations, array usage, custom types, schema design, function optimization, and PostgreSQL-exclusive security features like Row Level Security (RLS).

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

power-bi-model-design-review

Security & Compliance

Comprehensive Power BI data model design review prompt for evaluating model architecture, relationships, and optimization opportunities.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

breakdown-epic-pm

Security & Compliance

Prompt for creating an Epic Product Requirements Document (PRD) for a new epic. This PRD will be used as input for generating a technical architecture specification.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

breakdown-feature-prd

Security & Compliance

Prompt for creating Product Requirements Documents (PRDs) for new features, based on an Epic.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

Create a formal specification for an existing GitHub Actions CI/CD workflow, optimized for AI consumption and workflow maintenance.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

threat-model-analyst

Security & Compliance

Full STRIDE-A threat model analysis and incremental update skill for repositories and systems. Supports two modes: (1) Single analysis — full STRIDE-A threat model of a repository, producing architecture overviews, DFD diagrams, STRIDE-A analysis, prioritized findings, and executive assessments. (2) Incremental analysis — takes a previous threat model report as baseline, compares the codebase at the latest (or a given commit), and produces an updated report with change tracking (new, resolved, still-present threats), STRIDE heatmap, findings diff, and an embedded HTML comparison. Only activate when the user explicitly requests a threat model analysis, incremental update, or invokes /threat-model-analyst directly.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

dotnet-best-practices

Security & Compliance

Ensure .NET/C# code meets best practices for the solution/project.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

doublecheck

Security & Compliance

Three-layer verification pipeline for AI output. Extracts verifiable claims, finds supporting or contradicting sources via web search, runs adversarial review for hallucination patterns, and produces a structured verification report with source links for human review.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

fabric-lakehouse

Security & Compliance

Use this skill to get context about Fabric Lakehouse and its features for software systems and AI-powered functions. It offers descriptions of Lakehouse data components, organization with schemas and shortcuts, access control, and code examples. This skill supports users in designing, building, and optimizing Lakehouse solutions using best practices.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

gtm-enterprise-onboarding

Security & Compliance

Four-phase framework for onboarding enterprise customers from contract to value realization. Use when implementing new enterprise customers, preventing churn during onboarding, or solving the adoption cliff that kills deals post-go-live. Includes the Week 4 ghosting pattern.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

gtm-product-led-growth

Security & Compliance

Build self-serve acquisition and expansion motions. Use when deciding PLG vs sales-led, optimizing activation, driving freemium conversion, building growth equations, or recognizing when product complexity demands human touch. Includes the parallel test where sales-led won 10x on revenue.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

gtm-technical-product-pricing

Security & Compliance

Pricing strategy for technical products. Use when choosing usage-based vs seat-based, designing freemium thresholds, structuring enterprise pricing conversations, deciding when to raise prices, or using price as a positioning signal.

github/awesome-copilot·MIT·Agent Skills
low100质量分
65推荐

make-repo-contribution

Security & Compliance

All changes to code must follow the guidance documented in the repository. Before any issue is filed, branch is made, commits generated, or pull request (or PR) created, a search must be done to ensure the right steps are followed. Whenever asked to create an issue, commit messages, to push code, or create a PR, use this skill so everything is done correctly.

github/awesome-copilot·MIT·Agent Skills
low100质量分
64推荐

agent-supply-chain

Security & Compliance

Verify supply chain integrity for AI agent plugins, tools, and dependencies. Use this skill when: - Generating SHA-256 integrity manifests for agent plugins or tool packages - Verifying that installed plugins match their published manifests - Detecting tampered, modified, or untracked files in agent tool directories - Auditing dependency pinning and version policies for agent components - Building provenance chains for agent plugin promotion (dev → staging → production) - Any request like "verify plugin integrity", "generate manifest", "check supply chain", or "sign this plugin"

github/awesome-copilot·MIT·Agent SkillsClaude Code
low100质量分
64推荐

github-actions-hardening

Security & Compliance

Security hardening reviewer for GitHub Actions workflow files (.github/workflows/*.yml). Reasons about the Actions threat model that pattern matchers and general code linters miss — untrusted-input script injection, privileged triggers running fork code, mutable action references, and over-scoped tokens. Use this skill when asked to review, audit, harden, or secure a GitHub Actions workflow, when writing a new workflow, or for any request like "is this workflow safe?", "review my CI for security issues", "why is pull_request_target dangerous here?", "pin my actions", or "lock down GITHUB_TOKEN permissions". Covers script injection via ${{ }} interpolation, pull_request_target / workflow_run privilege escalation, SHA-pinning of third-party actions, least-privilege permissions, GITHUB_ENV/GITHUB_OUTPUT injection, secret exposure, OIDC over long-lived credentials, and self-hosted runner exposure on public repositories.

github/awesome-copilot·MIT·Agent Skills
low100质量分
63推荐

Design and implement Arduino integration with Azure IoT Hub and IoT Edge, including secure provisioning, resilient telemetry, command handling, and production guardrails.

github/awesome-copilot·MIT·Agent Skills
low100质量分
63推荐

qdrant-monitoring-setup

Security & Compliance

Guides Qdrant monitoring setup including Prometheus scraping, health probes, Hybrid Cloud metrics, alerting, and log centralization. Use when someone asks 'how to set up monitoring', 'Prometheus config', 'Grafana dashboard', 'health check endpoints', 'how to scrape Hybrid Cloud', 'what alerts to set', 'how to centralize logs', or 'audit logging'.

github/awesome-copilot·MIT·Agent Skills
low100质量分
63推荐

aws-well-architected-review

Security & Compliance

Perform an AWS Well-Architected Framework review of the current workload IaC and architecture, generating findings and GitHub issues for improvements.

github/awesome-copilot·MIT·Agent Skills
low100质量分
63推荐

azure-resource-health-diagnose

Security & Compliance

Analyze Azure resource health, diagnose issues from logs and telemetry, and create a remediation plan for identified problems.

github/awesome-copilot·MIT·Agent Skills
low100质量分
63推荐

update-avm-modules-in-bicep

Security & Compliance

Update Azure Verified Modules (AVM) to latest versions in Bicep files.

github/awesome-copilot·MIT·Agent Skills
low100质量分

按用途和 Coding Agent 浏览 Skill

查找适用于 Codex、Claude Code、GitHub Copilot、Cursor 和 Gemini CLI 的可追溯 Skill。