Skip to content

Skill Catalog

Browse 4,314 curated AI agent skills. No account needed.

Agent Orchestration

Compare Hotels

Unified hotel comparison across Chase Edit, Amex FHR/THC, metasearch, and Airbnb. Highlights premium program benefits, stacking opportunities, and benefit-adjusted pricing.

#travel#flights#hotelsAgent Orchestration

Compass

Navigating the skill ecosystem and guiding onboarding. Lists agents, recommends best fit for tasks. Don't use for task execution (Nexus), agent design (Architect).

#broad-capability#development#securityAgent Orchestration

Context Compression

This skill should be used when long-running agent sessions need context compression, structured summarization, compaction, token-per-task optimization, or durable handoff summaries that preserve decisions, files, risks, and next actions.

#broad-capability#agent-skills#designAgent Orchestration

Context Degradation Patterns

Diagnose and fix context failures before they cascade. Context degradation is not binary — it is a continuum that manifests through five distinct, predictable patterns: lost-in-middle, poisoning, distraction, confusion, and clash. Each pattern has specific detection signals and mitigation strategies. Treat degradation as an engineering problem with measurable thresholds, not an unpredictable failure mode.

#broad-capability#agent-skills#designAgent Orchestration

Context Engine

Loads and manages company context for all C-suite advisor skills. Reads ~/.claude/company-context.md, detects stale context (>90 days), enriches context during conversations, and enforces privacy/anonymization rules before external API calls. Use when starting any C-suite advisor session, when context looks stale or missing, or before sending company data to an external service.

#work-life#productivity#businessAgent Orchestration

Data, AI & Research

Business, Marketing & Sales

Compete

Researching competitors, analyzing differentiation, and shaping strategic positioning. Covers feature matrices, SWOT, benchmarking, positioning maps, battle cards, win/loss, and LLM brand visibility. Research only — no code. Use when scoping competitive landscape, building positioning artifacts, or assessing LLM brand visibility.

#broad-capability#development#securityBusiness, Marketing & Sales

Competitive Ads Extractor

Extracts and analyzes competitors' ads from ad libraries (Facebook, LinkedIn, etc.) to understand what messaging, problems, and creative approaches are working. Helps inspire and improve your own ad campaigns.

#competitive#intelligenceBusiness, Marketing & Sales

Competitive Analysis

Analyze competitors systematically. Compare products, features, pricing, positioning, and market strategies. Generate comprehensive competitive intelligence reports.

#work-life#office#productivityBusiness, Marketing & Sales

Competitive Battlecard

Create sales-ready competitive battlecards comparing your product against a specific competitor — positioning, feature comparison, objection handling, and win/loss patterns. Use when preparing sales teams, creating competitive materials, or responding to 'why not competitor X?'

#work-life#productivity#product-managementBusiness, Marketing & Sales

Competitive Brief

Create a competitive analysis brief for one or more competitors or a feature area. Use when informing product strategy or feature prioritization, building sales battle cards, prepping board or investor materials, or deciding where to differentiate vs. achieve parity.

#work-life#productivity#knowledge-workBusiness, Marketing & Sales

Competitive Brief

Research competitors and generate a positioning and messaging comparison with content gaps, opportunities, and threats. Use when building sales battlecards, when finding positioning gaps and messaging angles competitors haven't claimed, or when a competitor makes a move and you need to assess the impact.

#work-life#productivity#knowledge-workBusiness, Marketing & Sales

Competitive Intel

Systematic competitor tracking that feeds CMO positioning, CRO battlecards, and CPO roadmap decisions. Use when analyzing competitors, building sales battlecards, tracking market moves, positioning against alternatives, or when user mentions competitive intelligence, competitive analysis, competitor research, battlecards, win/loss, or market positioning.

#work-life#productivity#businessBusiness, Marketing & Sales

Competitive Intelligence

Research your competitors and build an interactive battlecard. Outputs an HTML artifact with clickable competitor cards and a comparison matrix. Trigger with "competitive intel", "research competitors", "how do we compare to [competitor]", "battlecard for [competitor]", or "what's new with [competitor]".

#work-life#productivity#knowledge-workBusiness, Marketing & Sales

Competitive Landscape

Analyze competition, identify differentiation opportunities, and develop winning market positioning strategies using Porter's Five Forces, Blue Ocean Strategy, and positioning maps. Use this skill when evaluating competitors, assessing market positioning, identifying sustainable competitive advantages, or preparing competitive strategy analysis for a startup or investor pitch.

#broad-capability#engineering#agent-skillsBusiness, Marketing & Sales

Competitive Teardown

Analyzes competitor products and companies by synthesizing data from pricing pages, app store reviews, job postings, SEO signals, and social media into structured competitive intelligence. Produces feature comparison matrices scored across 12 dimensions, SWOT analyses, positioning maps, UX audits, pricing model breakdowns, action item roadmaps, and stakeholder presentation templates. Use when conducting competitor analysis, comparing products against competitors, researching the competitive landscape, building battle cards for sales, preparing for a product strategy or roadmap session, responding to a competitor's new feature or pricing change, or performing a quarterly competitive review.

#work-life#productivity#businessBusiness, Marketing & Sales

Competitor Alternatives

When the user wants to create competitor comparison or alternative pages for SEO and sales enablement. Also use when the user mentions 'alternative page,' 'vs page,' 'competitor comparison,' 'comparison page,' '[Product] vs [Product],' '[Product] alternative,' 'competitive landing pages,' 'switch from competitor,' or 'comparison content.' Covers four formats: singular alternative, plural alternatives, you vs competitor, and competitor vs competitor. Emphasizes deep research, modular content architecture, and varied section types beyond feature tables.

#work-life#productivity#businessBusiness, Marketing & Sales

Competitor Analysis

Compare two or more companies, products, or platforms across pricing, features, positioning, and docs. Use this skill whenever the user says "compare X vs Y", "how does X stack up against Y", "alternatives to X", "competitive landscape of …", "X vs Y vs Z", or asks for a competitor matrix. Uses search to discover competitors when the user only names a category, then scrape for each competitor's homepage, pricing page, and features/docs. Returns a normalized comparison matrix as JSON.

#firecrawl-firecrawl-agent#crawling#competitiveBusiness, Marketing & Sales

Competitor Analysis

When the user wants to analyze competitors' App Store strategy, find keyword gaps, or understand competitive positioning. Also use when the user mentions "competitor analysis", "competitive research", "keyword gap", "what are my competitors doing", or "compare my app to". For keyword-specific research, see keyword-research. For metadata writing, see metadata-optimization.

#work-life#productivity#app-store-optimizationBusiness, Marketing & Sales

Competitor Analysis

Analyze competitors with strengths, weaknesses, and differentiation opportunities. Identifies direct competitors and maps the competitive landscape. Use when doing competitive research, preparing a competitive brief, or finding differentiation opportunities.

#work-life#productivity#product-managementBusiness, Marketing & Sales

Competitor Intel

Analyzes competitors using web research to provide verified business metrics, actionable leverage strategies, and predicted next moves. Use when user needs competitive intelligence, competitor analysis, market positioning insights, or strategic leverage opportunities.

#work-life#productivity#startupBusiness, Marketing & Sales

Competitor Profiling

When the user wants to research, profile, or analyze competitors from their URLs. Also use when the user mentions 'competitor profile,' 'competitor research,' 'competitor analysis,' 'profile this competitor,' 'analyze competitor,' 'competitive intelligence,' 'competitor deep dive,' 'who are my competitors,' 'competitor landscape,' 'competitor dossier,' 'competitive audit,' or 'research these competitors.' Input is a list of competitor URLs. Output is structured competitor profile markdown files. For creating comparison/alternative pages from profiles, see competitors. For sales-specific battle cards, see sales-enablement.

#work-life#productivity#marketingBusiness, Marketing & Sales

Competitors

When the user wants to create competitor comparison or alternative pages for SEO and sales enablement. Also use when the user mentions 'alternative page,' 'vs page,' 'competitor comparison,' 'comparison page,' '[Product] vs [Product],' '[Product] alternative,' 'competitive landing pages,' 'how do we compare to X,' 'battle card,' or 'competitor teardown.' Use this for any content that positions your product against competitors. Covers four formats: singular alternative, plural alternatives, you vs competitor, and competitor vs competitor. For sales-specific competitor docs, see sales-enablement.

#work-life#productivity#marketingBusiness, Marketing & Sales

Competitors Analysis

Analyze competitor repositories with evidence-based approach. Use when tracking competitors, creating competitor profiles, or generating competitive analysis. CRITICAL - all analysis must be based on actual cloned code, never assumptions. Triggers include "analyze competitor", "add competitor", "competitive analysis", or "竞品分析".

#broad-capability#research#documentsBusiness, Marketing & Sales

Competitor Tracking

When the user wants to monitor competitor apps on an ongoing basis — tracking metadata changes, keyword shifts, screenshot updates, rating trends, or new features. Use when the user mentions "competitor monitoring", "track competitors", "competitor alert", "competitor changed their title", "watch a competitor app", "competitor weekly report", "competitive intelligence", or "what changed in competitor's listing". For a one-time deep competitive analysis, see competitor-analysis. For market-wide chart movements, see market-movers.

#work-life#productivity#app-store-optimizationBusiness, Marketing & Sales

Compose Outreach

Generate personalized outreach messages using Common Room signals. Triggers on 'draft outreach to [person]', 'write an email to [name]', 'compose a message for [contact]', or any outreach drafting request.

#work-life#productivity#knowledge-workBusiness, Marketing & Sales

Contact Research

Research a specific person using Common Room data. Triggers on 'who is [name]', 'look up [email]', 'research [contact]', 'is [name] a warm lead', or any contact-level question.

#work-life#productivity#knowledge-workBusiness, Marketing & Sales

Content Creation

Draft marketing content across channels — blog posts, social media, email newsletters, landing pages, press releases, and case studies. Use when writing any marketing content, when you need channel-specific formatting, SEO-optimized copy, headline options, or calls to action.

#work-life#productivity#knowledge-workBusiness, Marketing & Sales

Content Humanizer

Makes AI-generated content sound genuinely human — not just cleaned up, but alive. Use when content feels robotic, uses too many AI clichés, lacks personality, or reads like it was written by committee. Triggers: 'this sounds like AI', 'make it more human', 'add personality', 'it feels generic', 'sounds robotic', 'fix AI writing', 'inject our voice'. NOT for initial content creation (use content-production). NOT for SEO optimization (use content-production Mode 3).

#work-life#productivity#businessBusiness, Marketing & Sales

Content Production

Full content production pipeline — takes a topic from blank page to published-ready piece. Use when you need to execute content: write a blog post, article, or guide end-to-end. Triggers: 'write a post about', 'draft an article', 'create content for', 'help me write', 'I need a blog post'. NOT for content strategy or calendar planning (use content-strategy). NOT for repurposing existing content (use content-repurposing). NOT for social captions only.

#work-life#productivity#businessBusiness, Marketing & Sales

Content Repurposing Studio

Transforms one piece of original content into 5-10 platform-adapted assets while preserving message integrity, adapting format per platform, and maintaining a cross-linking strategy.

#content-marketing#repurposing#social-mediaBusiness, Marketing & Sales

Content Strategy

When the user wants to plan a content strategy, decide what content to create, or figure out what topics to cover. Also use when the user mentions "content strategy," "what should I write about," "content ideas," "blog strategy," "topic clusters," "content planning," "editorial calendar," "content marketing," "content roadmap," "what content should I create," "blog topics," "content pillars," or "I don't know what to write." Use this whenever someone needs help deciding what content to produce, not just writing it. For writing individual pieces, see copywriting. For SEO-specific audits, see seo-audit. For social media content specifically, see social.

#work-life#productivity#marketingBusiness, Marketing & Sales

Content Strategy

When the user wants to plan a content strategy, decide what content to create, or figure out what topics to cover. Also use when the user mentions "content strategy," "what should I write about," "content ideas," "blog strategy," "topic clusters," or "content planning." For writing individual pieces, see copywriting. For SEO-specific audits, see seo-audit.

#work-life#productivity#businessBusiness, Marketing & Sales

Software Engineering

Complete

Complete task: validate, document, review, commit, and merge to develop. Use when all implementation is done and ready to finalize.

#personal-productivity#daily-routine#weekly-reviewSoftware Engineering

Component Refactoring

Refactor high-complexity React components in Dify frontend. Use when `pnpm analyze-component --json` shows complexity > 50 or lineCount > 300, when the user asks for code splitting, hook extraction, or complexity reduction, or when `pnpm analyze-component` warns to refactor before testing; avoid for simple/well-structured components, third-party wrappers, or when the user explicitly wants testing without refactoring.

#work-life#productivity#documentationSoftware Engineering

Configuring Dbt MCP Server

Generates MCP server configuration JSON, resolves authentication setup, and validates server connectivity for dbt. Use when setting up, configuring, or troubleshooting the dbt MCP server for AI tools like Claude Desktop, Claude Code, Cursor, or VS Code.

#dbt#analytics-engineering#dataSoftware Engineering

Configuring R8 For Compose

Use this skill to configure R8 correctly for a Jetpack Compose application — full mode by default, `proguard-android-optimize.txt`, resource shrinking on, and minimal keep rules because Compose ships consumer ProGuard rules. Covers AGP 8.0+ R8 full mode default, R8's Compose-aware optimizations (lambda grouping, `sourceInformation()` stripping, composable arg constant-folding, `ComposerImpl` devirtualization), legitimate keep needs (`@Serializable`, Hilt entry points, reflective `Saver`s), and the AGP 8.x missing-rule reporter / R8 retrace. Cited gain is roughly 75 percent startup and 60 percent frame-render improvement debug-to-release. Use when setting up a new Compose app, when a PR adds an over-broad keep like `-keep class androidx.compose.** { *; }`, when a release build crashes after enabling minification, when APK size needs reduction, or when first enabling minification.

#android#jetpack-compose#performanceSoftware Engineering

Content Management Systems

Workflow for building and modifying content management systems across WordPress, Shopify, Wix, Squarespace, Drupal, WooCommerce, Joomla, HubSpot CMS Hub, Webflow, Adobe Experience Manager, and similar platforms. Use when working on CMS themes, plugins, apps, modules, admin panels, media uploads, content models, editors, markdown pipelines, or static export workflows.

#github-copilot#backend#developmentSoftware Engineering

Context7

Up-to-date, version-specific library documentation and working code examples sourced from real project repos via the Context7 documentation aggregation API — covers 1000+ libraries (React, Next.js, Vue, Kubernetes, Go, Python, TypeScript, Prisma, Tailwind, and more). USE WHEN looking up API signatures, framework docs, version-specific behavior, code examples, library configuration, migration guides, OR before writing code against a library you might be guessing about. NOT FOR refactoring existing code, debugging business logic, general programming concepts, or libraries Context7 doesn't index (use web search instead). Grounds answers in real source documentation to prevent hallucinated APIs.

#broad-capability#devops#azureSoftware Engineering

Context7-aware development

Use Context7 for authoritative external docs and API references when local context is insufficient

#github-copilot#architectureSoftware Engineering

Context Architect

An agent that helps plan and execute multi-file changes by identifying relevant context and dependencies

#github-copilot#planningSoftware Engineering

Context Driven Development

Creates and maintains project context artifacts (product.md, tech-stack.md, workflow.md, tracks.md) in a `conductor/` directory. Scaffolds new projects from scratch, extracts context from existing codebases, validates artifact consistency before implementation, and synchronizes documents as the project evolves. Use when setting up a project, creating or updating product docs, managing a tech stack file, defining development workflows, tracking work units, onboarding to an existing codebase, or running project scaffolding.

#broad-capability#engineering#agent-skillsSoftware Engineering

Context Engineering

Guidelines for structuring code and projects to maximize GitHub Copilot effectiveness through better context management

#github-copilot#architectureSoftware Engineering

Context Engineering

Optimizes agent context setup. Use when starting a new session, when agent output quality degrades, when switching between tasks, or when you need to configure rules files and context for a project.

#engineering#software-engineering#architectureSoftware Engineering

Context Hunter

Discover codebase patterns, conventions, and unwritten rules before making changes. Use when implementing features, fixing bugs, or refactoring code.

#broad-capability#creative#architectureSoftware Engineering

Security & Compliance

Compliance Check

Run a compliance check on a proposed action, product feature, or business initiative, surfacing applicable regulations, required approvals, and risk areas. Use when launching a feature that touches personal data, when marketing or product proposes something with regulatory implications, or when you need to know which approvals and jurisdictional requirements apply before proceeding.

#work-life#productivity#knowledge-workSecurity & Compliance

Compliance Mapping

Maps accessibility audit results to legal/regulatory frameworks — Section 508, EN 301 549, EAA, ADA, AODA. Generates VPAT 2.5 conformance tables and identifies non-WCAG requirements.

#broad-capability#accessibility#a11ySecurity & Compliance

Conducting API Security Testing

Conducts security testing of REST, GraphQL, and gRPC APIs to identify vulnerabilities in authentication, authorization, rate limiting, input validation, and business logic. The tester uses the OWASP API Security Top 10 as the testing framework, combining Burp Suite interception with Postman collections and custom scripts to test endpoint security at every privilege level. Activates for requests involving API security testing, REST API pentest, GraphQL security assessment, or API vulnerability testing.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Cloud Incident Response

Responds to security incidents in cloud environments (AWS, Azure, GCP) by performing identity-based containment, cloud-native log analysis, resource isolation, and forensic evidence acquisition adapted for ephemeral cloud infrastructure. Activates for requests involving cloud incident response, AWS security incident, Azure compromise, GCP breach, cloud forensics, or cloud identity compromise.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Cloud Penetration Testing

This skill outlines methodologies for performing authorized penetration testing against AWS, Azure, and GCP cloud environments. It covers understanding the shared responsibility model for testing scope, leveraging cloud-specific attack tools like Pacu and ScoutSuite, exploiting IAM misconfigurations, testing for SSRF to cloud metadata services, and reporting findings aligned to MITRE ATT&CK Cloud matrix.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Domain Persistence With Dcsync

Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting External Reconnaissance With Osint

Conducts external reconnaissance using Open Source Intelligence (OSINT) techniques to map an organization's external attack surface without directly interacting with target systems. The tester gathers information from public sources including DNS records, certificate transparency logs, search engines, social media, code repositories, and data breach databases to build a comprehensive target profile. Activates for requests involving OSINT reconnaissance, external footprinting, attack surface mapping, or passive information gathering.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Full Scope Red Team Engagement

Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Internal Network Penetration Test

Execute an internal network penetration test simulating an insider threat or post-breach attacker to identify lateral movement paths, privilege escalation vectors, and sensitive data exposure within the corporate network.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Internal Reconnaissance With Bloodhound Ce

Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Malware Incident Response

Responds to malware infections across enterprise endpoints by identifying the malware family, determining infection vectors, assessing spread, and executing eradication procedures. Covers the full lifecycle from detection through containment, analysis, removal, and recovery. Activates for requests involving malware response, malware eradication, trojan removal, worm containment, malware triage, or infected endpoint remediation.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Man In The Middle Attack Simulation

Simulates man-in-the-middle attacks using Ettercap, mitmproxy, and Bettercap in authorized environments to intercept, analyze, and modify network traffic for testing encryption enforcement, certificate validation, and detection capabilities.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Memory Forensics With Volatility

Performs memory forensics analysis using Volatility 3 to extract evidence of malware execution, process injection, network connections, and credential theft from RAM dumps captured during incident response. Covers memory acquisition, process analysis, DLL inspection, and malware detection. Activates for requests involving memory forensics, RAM analysis, Volatility framework, memory dump investigation, volatile evidence analysis, or live memory acquisition.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Mobile App Penetration Test

Conducts penetration testing of iOS and Android mobile applications following the OWASP Mobile Application Security Testing Guide (MASTG) to identify vulnerabilities in data storage, network communication, authentication, cryptography, and platform-specific security controls. The tester performs static analysis of application binaries, dynamic analysis at runtime, and API security testing to evaluate the complete mobile attack surface. Activates for requests involving mobile app pentest, iOS security assessment, Android security testing, or OWASP MASTG assessment.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Network Penetration Test

Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Pass The Ticket Attack

Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Phishing Incident Response

Responds to phishing incidents by analyzing reported emails, extracting indicators, assessing credential compromise, quarantining malicious messages across the organization, and remediating affected accounts. Covers email header analysis, URL/attachment sandboxing, and mailbox-wide purge operations. Activates for requests involving phishing response, email incident, credential phishing, spear phishing investigation, or phishing remediation.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Post Incident Lessons Learned

Facilitate structured post-incident reviews to identify root causes, document what worked and failed, and produce actionable recommendations to improve future incident response.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Social Engineering Penetration Test

Design and execute a social engineering penetration test including phishing, vishing, smishing, and physical pretexting campaigns to measure human security resilience and identify training gaps.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Social Engineering Pretext Call

Plan and execute authorized vishing (voice phishing) pretext calls to assess employee susceptibility to social engineering and evaluate security awareness controls.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Spearphishing Simulation Campaign

Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Conducting Wireless Network Penetration Test

Conducts authorized wireless network penetration tests to assess the security of WiFi infrastructure by testing for weak encryption protocols, captive portal bypasses, evil twin attacks, WPA2/WPA3 handshake capture, rogue access point detection, and client-side attacks. The tester evaluates wireless authentication, network segmentation, and the effectiveness of wireless intrusion detection systems. Activates for requests involving wireless pentest, WiFi security assessment, WPA2/WPA3 testing, or rogue access point detection.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring AWS Verified Access For Ztna

Configure AWS Verified Access to provide VPN-less zero trust network access to internal applications using identity and device posture verification with Cedar policy language.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Host Based Intrusion Detection

Configures host-based intrusion detection systems (HIDS) to monitor endpoint file integrity, system calls, and configuration changes for security violations. Use when deploying OSSEC, Wazuh, or AIDE for endpoint monitoring, building file integrity monitoring (FIM) policies, or meeting compliance requirements for change detection. Activates for requests involving HIDS configuration, file integrity monitoring, OSSEC/Wazuh deployment, or host-based detection.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Identity Aware Proxy With Google Iap

Configuring Google Cloud Identity-Aware Proxy (IAP) to enforce per-request identity verification for Compute Engine, App Engine, Cloud Run, and GKE services using access levels, context-aware policies, and programmatic access with service accounts.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Microsegmentation For Zero Trust

Configure microsegmentation policies to enforce least-privilege workload-to-workload access using tools like VMware NSX, Illumio, and Calico, preventing lateral movement in zero trust architectures.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Multi Factor Authentication With Duo

Deploy Cisco Duo multi-factor authentication across enterprise applications, VPN, RDP, and SSH access points. This skill covers Duo integration methods, adaptive authentication policies, device trust

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Network Segmentation With Vlans

Designs and implements VLAN-based network segmentation on managed switches to isolate network zones, enforce access control between segments, and reduce the attack surface by limiting lateral movement paths in enterprise network environments.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Oauth2 Authorization Flow

Configure secure OAuth 2.0 authorization flows including Authorization Code with PKCE, Client Credentials, and Device Authorization Grant. This skill covers flow selection, PKCE implementation, token

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Pfsense Firewall Rules

Configures pfSense firewall rules, NAT policies, VPN tunnels, and traffic shaping to enforce network segmentation, control traffic flow, and protect internal network zones in enterprise and small-to-medium business environments.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Snort Ids For Intrusion Detection

Installs, configures, and tunes Snort 3 intrusion detection system to monitor network traffic for malicious activity using custom and community rulesets, preprocessors, and alert output plugins on authorized network segments.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Suricata For Network Monitoring

Deploys and configures Suricata IDS/IPS with Emerging Threats rulesets, EVE JSON logging, and custom rules for real-time network traffic inspection, threat detection, and integration with SIEM platforms for centralized security monitoring.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Tls 1 3 For Secure Communications

TLS 1.3 (RFC 8446) is the latest version of the Transport Layer Security protocol, providing significant improvements over TLS 1.2 in both security and performance. It reduces handshake latency to 1-R

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Windows Defender Advanced Settings

Configures Microsoft Defender for Endpoint (MDE) advanced protection settings including attack surface reduction rules, controlled folder access, network protection, and exploit protection. Use when hardening Windows endpoints beyond default Defender settings, deploying enterprise-grade endpoint protection, or meeting compliance requirements for advanced malware defense. Activates for requests involving Windows Defender configuration, ASR rules, MDE tuning, or Microsoft endpoint security.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Windows Event Logging For Detection

Configures Windows Event Logging with advanced audit policies to generate high-fidelity security events for threat detection and forensic investigation. Use when enabling audit policies for logon events, process creation, privilege use, and object access to feed SIEM detection rules. Activates for requests involving Windows audit policy, event log configuration, security logging, or detection-oriented logging.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Configuring Zscaler Private Access For Ztna

Configuring Zscaler Private Access (ZPA) to replace traditional VPN with zero trust network access by deploying App Connectors, defining application segments, configuring access policies based on user identity and device posture, and integrating with IdPs.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

Containing Active Breach

Executes containment strategies to stop active adversary operations and prevent lateral movement during a confirmed security breach. Implements short-term and long-term containment using network segmentation, endpoint isolation, credential revocation, and access control modifications. Activates for requests involving breach containment, lateral movement prevention, network isolation, active threat containment, or live incident response.

#mukul-cybersecurity-skills#security#cybersecuritySecurity & Compliance

DevOps & Cloud

Comprehensive Guide: Converting Spring Boot Cassandra Applications to use Azure Cosmos DB with Spring Data Cosmos (spring-data-cosmos)

Step-by-step guide for converting Spring Boot Cassandra applications to use Azure Cosmos DB with Spring Data Cosmos

#github-copilot#cloud#architectureDevOps & Cloud

Containerization & Docker Best Practices

Comprehensive best practices for creating optimized, secure, and efficient Docker images and managing containers. Covers multi-stage builds, image layer optimization, security scanning, and runtime best practices.

#github-copilot#docker#containerizationDevOps & Cloud

Containerize Aspnetcore

Containerize an ASP.NET Core project by creating Dockerfile and .dockerfile files customized for the project.

#github-copilot#docker#containerizationDevOps & Cloud

Containerize Aspnet Framework

Containerize an ASP.NET .NET Framework project by creating Dockerfile and .dockerfile files customized for the project.

#github-copilot#docker#containerizationDevOps & Cloud

Container Security

Container image security scanning, Dockerfile hardening, and ACR image management. Use when scanning container images for vulnerabilities with Trivy, hardening Dockerfiles (pinning versions, non-root runtime, SSH config), importing images to Azure Container Registry to avoid Docker Hub rate limits, or analyzing CVE findings. Also trigger when the user mentions image security, vulnerability scanning, CVE remediation, container hardening, Trivy scan, Docker security, or ACR image import — even if they don't explicitly say "container security".

#broad-capability#devops#azureDevOps & Cloud

Design, Media & Creative

Science & Simulation

Mobile App Development

Presentations & Documents

Personal Productivity

Education & Writing