Browse skills

Comprehensive cloud infrastructure configuration reviewer that audits Terraform, CloudFormation, Pulumi, Kubernetes manifests, Docker Compose, and Helm charts for security misconfigurations, cost optimization opportunities, reliability risks, and compliance violations. Checks against CIS benchmarks and AWS/GCP/Azure best practices. Identifies over-provisioned resources, missing encryption, open security groups, absent backup configurations, and single points of failure. Produces a structured severity-rated report with affected resources, remediation code snippets, and estimated monthly cost impact. Supports multi-cloud and hybrid deployments.

Deep security audit of source code — detect vulnerabilities (OWASP Top 10, CWE-25), find secrets/credentials, flag injection vectors, identify insecure dependencies, analyze authentication/authorization flaws, and produce a prioritized remediation report with severity ratings (Critical/High/Medium/Low), CWE IDs, and fix suggestions. Supports Python, JavaScript/TypeScript, Go, Rust, Solidity, Java, C/C++, Ruby, PHP.