4 Agent Skills for Security Engineers
1 stack
Skills for threat modeling, security architecture, compliance, and incident response.
AppSec, DevSecOps, compliance frameworks, vulnerability triage, and structured approaches to security review and risk assessment.
Security is documentation-intensive: threat models, risk assessments, compliance evidence, incident reports, security architecture reviews. The structured work is a significant portion of the job. These skills handle it.
The skills here cover threat modeling, AppSec review, security architecture documentation, compliance frameworks (ISO 27001, GDPR, SOC 2), vulnerability triage, and security incident response. They're built for security engineers and AppSec teams doing formal review and compliance work.
These are reasoning and documentation tools — they help structure security thinking and produce compliance-ready outputs. Security judgment and verification always stay with the engineer.
Stacks for security engineers
Skills for security engineers
GDPR/DSGVO Expert
by @alirezarezvani
Navigate EU GDPR and German DSGVO compliance — data processing agreements, DPIAs, privacy policies, consent management, and data subject rights workflows.
gstack: Chief Security Officer Audit
by @garrytan
Infrastructure-first security audit: secrets archaeology, dependency supply chain, CI/CD security, OWASP Top 10, and STRIDE threat modelling. Zero noise — 8/10 confidence gate, 17 false positive exclusions. Every finding includes a concrete exploit scenario.
Information Security Manager (ISO 27001)
by @alirezarezvani
Implement and manage an ISMS per ISO 27001/27002 — risk assessments, security controls, incident management, and certification readiness.
Senior SecOps Engineer
by @alirezarezvani
SAST/DAST scanning automation, CVE triage and remediation, GDPR and SOC2 compliance workflows, and security operations from a senior SecOps perspective.