auditor
Runs after every action to catch drift between what was planned and what was done — the repo's continuity department.
#safety-critical
9 skills tagged safety-critical · risk axis.
auth-implementation
When you need auth that won't become a breach headline — implements JWT, OAuth2, or RBAC safely.
dependency-scanning
When your supply chain is only as strong as its weakest dep — checks for CVEs and license compliance.
incident-response
When production is down and the clock is ticking — triage, mitigate, and resolve outages with postmortem.
incident-response-flow
Master workflow for production incidents. Orchestrates incident-response (triage and mitigation) -> root-cause-analysis -> log-analysis -> decision-records -> auditor. No implementation logic.
kubernetes-helm
When you need reproducible K8s deployments — generates Helm charts and Kubernetes manifests.
secure-coding-review
When code needs a security audit before shipping — scans for OWASP Top 10 vulnerabilities and anti-patterns.
security-review
When security can't be an afterthought — OWASP Top 10 scan, vulnerability detection, secret scanning.
threat-modeling
Before attackers find the holes — identifies STRIDE threats, assesses risk, plans mitigations.