senior-security

Main Capabilities

This skill provides three core capabilities through automated scripts:

```bash

# Script 1: Threat Modeler

python scripts/threat_modeler.py [options]

# Script 2: Security Auditor

python scripts/security_auditor.py [options]

# Script 3: Pentest Automator

python scripts/pentest_automator.py [options]

```

1. Threat Modeler

Automated tool for threat modeler tasks.

Features:

• Automated scaffolding
• Best practices built-in
• Configurable templates
• Quality checks

Usage:

```bash

python scripts/threat_modeler.py [options]

```

2. Security Auditor

Comprehensive analysis and optimization tool.

Features:

• Deep analysis
• Performance metrics
• Recommendations
• Automated fixes

Usage:

```bash

python scripts/security_auditor.py [--verbose]

```

3. Pentest Automator

Advanced tooling for specialized tasks.

Features:

• Expert-level automation
• Custom configurations
• Integration ready
• Production-grade output

Usage:

```bash

python scripts/pentest_automator.py [arguments] [options]

```

Security Architecture Patterns

Comprehensive guide available in references/security_architecture_patterns.md:

• Detailed patterns and practices
• Code examples
• Best practices
• Anti-patterns to avoid
• Real-world scenarios

Penetration Testing Guide

Complete workflow documentation in references/penetration_testing_guide.md:

• Step-by-step processes
• Optimization strategies
• Tool integrations
• Performance tuning
• Troubleshooting guide

Cryptography Implementation

Technical reference guide in references/cryptography_implementation.md:

• Technology stack details
• Configuration examples
• Integration patterns
• Security considerations
• Scalability guidelines

Languages: TypeScript, JavaScript, Python, Go, Swift, Kotlin

Frontend: React, Next.js, React Native, Flutter

Backend: Node.js, Express, GraphQL, REST APIs

Database: PostgreSQL, Prisma, NeonDB, Supabase

DevOps: Docker, Kubernetes, Terraform, GitHub Actions, CircleCI

Cloud: AWS, GCP, Azure

1. Setup and Configuration

```bash

# Install dependencies

npm install

# or

pip install -r requirements.txt

# Configure environment

cp .env.example .env

```

2. Run Quality Checks

```bash

# Use the analyzer script

python scripts/security_auditor.py .

# Review recommendations

# Apply fixes

```

3. Implement Best Practices

Follow the patterns and practices documented in:

• references/security_architecture_patterns.md
• references/penetration_testing_guide.md
• references/cryptography_implementation.md

Code Quality

• Follow established patterns
• Write comprehensive tests
• Document decisions
• Review regularly

Performance

• Measure before optimizing
• Use appropriate caching
• Optimize critical paths
• Monitor in production

Security

• Validate all inputs
• Use parameterized queries
• Implement proper authentication
• Keep dependencies updated

Maintainability

• Write clear code
• Use consistent naming
• Add helpful comments
• Keep it simple

```bash

# Development

npm run dev

npm run build

npm run test

npm run lint

# Analysis

python scripts/security_auditor.py .

python scripts/pentest_automator.py --analyze

# Deployment

docker build -t app:latest .

docker-compose up -d

kubectl apply -f k8s/

```

Common Issues

Check the comprehensive troubleshooting section in references/cryptography_implementation.md.

Getting Help

• Review reference documentation
• Check script output messages
• Consult tech stack documentation
• Review error logs

• Pattern Reference: references/security_architecture_patterns.md
• Workflow Guide: references/penetration_testing_guide.md
• Technical Guide: references/cryptography_implementation.md
• Tool Scripts: scripts/ directory