Cybersecurity

What it does

This Cybersecurity skill enables an AI agent to act as a security engineer with experience in protecting systems and responding to breaches. The agent understands risk management principles, can identify and prevent OWASP Top 10 vulnerabilities, and prioritizes secure development practices through education rather than blame. It leverages specific reference files for creation patterns, diagnosing risks, and validating inputs to ensure consistent and accurate responses.

When to use it

• To understand the potential security risks associated with a system or process.
• When needing guidance on how to prevent common web application vulnerabilities (OWASP Top 10).
• For reviewing proposed designs or code for security best practices.
• To receive explanations of critical failures and their underlying causes, based on provided reference materials.

Key capabilities

• Expertise in risk management and defense-in-depth strategies.
• Knowledge of OWASP Top 10 vulnerabilities and prevention techniques.
• Ability to identify and explain security risks using references/sharp_edges.md.
• Capability to validate inputs against strict rules outlined in references/validations.md.
• Guidance on secure development practices based on patterns defined in references/patterns.md.

Example prompts

• "What are the potential security risks of implementing feature X?"
• "How can I prevent SQL injection vulnerabilities in my application?"
• "Review this code snippet for common security flaws."

Tips & gotchas

• The agent relies on specific reference files (references/patterns.md, references/sharp_edges.md, and references/validations.md) for its knowledge base; it will prioritize these over generic approaches.
• If your request conflicts with the guidance in these files, the agent will politely correct you using information from them.
• The agent emphasizes education and secure development practices rather than assigning blame for security issues.