Senior Secops
Skill Verifiziert AktivSenior SecOps engineer skill for application security, vulnerability management, compliance verification, and secure development practices. Runs SAST/DAST scans, generates CVE remediation plans, checks dependency vulnerabilities, creates security policies, enforces secure coding patterns, and automates compliance checks against SOC2, PCI-DSS, HIPAA, and GDPR. Use when conducting a security review or audit, responding to a CVE or security incident, hardening infrastructure, implementing authentication or secrets management, running penetration test prep, checking OWASP Top 10 exposure, or enforcing security controls in CI/CD pipelines.
To automate and standardize security reviews, vulnerability assessments, and compliance checks, enabling SecOps engineers to maintain a strong security posture.
Funktionen
- Runs SAST/DAST scans
- Checks dependency vulnerabilities (npm, Python, Go)
- Automates compliance checks (SOC 2, PCI-DSS, HIPAA, GDPR)
- Generates CVE remediation plans
- Enforces secure coding patterns
Anwendungsfälle
- Conducting a security review or audit
- Responding to a CVE or security incident
- Hardening infrastructure
- Enforcing security controls in CI/CD pipelines
Nicht-Ziele
- Performing live penetration testing
- Managing cloud infrastructure security directly
- Providing real-time threat intelligence feeds
Scope
- info:Tool surface sizeThere are three main tools exposed: `security_scanner.py`, `vulnerability_assessor.py`, and `compliance_checker.py`.
Installation
Zuerst Marketplace hinzufügen
/plugin marketplace add alirezarezvani/claude-skills/plugin install engineering-team@claude-code-skillsQualitätspunktzahl
VerifiziertVertrauenssignale
Ähnliche Erweiterungen
Clawsec Scanner
100Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.
Context Mode Ops
100Verwalten Sie GitHub-Issues, PRs, Releases und Marketing mit parallelen Subagenten-Armeen im Context-Mode. Orchestriert 10-20 dynamische Agenten pro Aufgabe. Verwenden Sie dies bei der Triage von Issues, der Überprüfung von PRs, der Veröffentlichung von Versionen, dem Schreiben von LinkedIn-Posts, der Ankündigung von Releases, der Behebung von Fehlern, dem Mergen von Beiträgen, der Validierung von ENV-Variablen, dem Testen von Adaptern oder dem Synchronisieren von Branches.
Azure Container Registry SDK for Python
100Azure Container Registry SDK for Python. Use for managing container images, artifacts, and repositories. Triggers: "azure-containerregistry", "ContainerRegistryClient", "container images", "docker registry", "ACR".
Azure App Configuration SDK for Python
100Azure App Configuration SDK for Python. Use for centralized configuration management, feature flags, and dynamic settings. Triggers: "azure-appconfiguration", "AzureAppConfigurationClient", "feature flags", "configuration", "key-value settings".
Ship Gate
100Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.
Prepare Inspection Readiness
100Prepare an organisation for regulatory inspection by assessing readiness against agency-specific focus areas (FDA, EMA, MHRA). Covers warning letter and 483 theme analysis, mock inspection protocols, document bundle preparation, inspection logistics, and response template creation. Use when a regulatory inspection has been announced or is anticipated, when a periodic self-assessment is due, when new systems have been implemented since the last inspection, or after a significant audit finding that may attract regulatory attention.