Security
Browse 23 Security commands and modes for AI coding agents — production-grounded, cited, installable. Part of the VIBE library.
Alert & Event Pipeline Expert Mode
Expert in alert pipelines — single source of truth AlertService, dedup, rate limiting, fan-out (notifications + SignalR + webhook), severity taxonomy, correlation/grouping, alert storms, and audit trails. Closes every direct-DB-write bypass.
mode: api-security-audit-agent-mode
Autonomous agent that audits REST/GraphQL APIs for security vulnerabilities, data exposure, and OWASP API Top 10 compliance
mode: Artifact Supply-Chain Integrity Expert Mode
Expert in artifact integrity — SHA256/HMAC verification, Sigstore/cosign signatures, SLSA provenance, SBOM generation, in-toto attestations, and tamper-proof agent/binary distribution. Fails closed on any hash mismatch.
command: audit
Perform a security audit of the codebase covering common vulnerability categories.
mode: Cloud Secret Provider Expert Mode
Expert in ISecretProvider abstractions, chained providers (env var → AWS Secrets Manager → Vault → GCP/Azure KV), caching with TTL + invalidation, graceful failure modes, secret rotation, and zero-leak logging
mode: Conditional Access & Authorization Expert Mode
Expert in conditional access policies, policy-based authorization, IP/device/role/time-based gates, risk-based access, and deny-by-default middleware across ASP.NET Core, Microsoft Entra, Okta, and OPA
mode: Container Security Expert Mode
Expert in container and Kubernetes security - scanning, runtime protection, and compliance
command: csp
Generate Content Security Policy headers for a web application.
mode: Database Credential Hygiene Expert Mode
Expert in separating DB config (host/port/db/user) from DB secret (password), runtime connection-string assembly via ISecretProvider, dynamic credentials, IAM/RDS auth, SCRAM/SSL, connection pooling under rotation, and zero password-in-catalog guarantees
command: dependency-audit
Audit project dependencies for known vulnerabilities and outdated packages.
mode: GDPR Compliance Expert Mode
Expert in GDPR compliance for software development and data protection
command: hardening
Apply security hardening measures to the codebase.
mode: HIPAA Compliance Expert Mode
Expert in HIPAA compliance for healthcare applications - PHI protection, security rules, and audit controls
mode: jwt-token-security-validator-mode
Autonomous agent that validates JWT implementations against RFC 7519, RFC 6749, and security best practices
mode: multi-tenant-isolation-validator-mode
Autonomous agent that validates multi-tenant isolation, database switching, and cross-tenant data leakage prevention
mode: multitenancy-spiffe-mode
Expert in multi-tenant architecture with SPIFFE/SPIRE, mTLS, certificate rotation, and Rust SDK implementation
mode: PCI-DSS Compliance Expert Mode
Expert in PCI-DSS compliance for payment card security - cardholder data protection, network security, and audit controls
mode: php-laravel-security-audit-agent-mode
Autonomous agent that audits PHP/Laravel codebases for security vulnerabilities based on OWASP and RFC standards
mode: SAST/DAST Expert Mode
Expert in Static and Dynamic Application Security Testing
mode: Secret Management Expert Mode
Expert in secret management with HashiCorp Vault, AWS Secrets Manager, and secure secrets handling
command: secrets-scan
Scan the codebase for leaked secrets, API keys, tokens, and credentials.
mode: SOC 2 Compliance Expert Mode
Expert in SOC 2 compliance implementation and audit preparation
mode: Tenant Isolation Architect Mode
Expert in multi-tenant data isolation — database-per-tenant, schema-per-tenant, shared-with-RLS; immutable tenant context, per-request DbContextFactory, cross-tenant leak prevention, and tenant-scoped caching, queues, and search indexes