Run any Skill in Manus with one click

sentinel-security

Security and compliance guardian for threat modeling (STRIDE/DREAD), penetration testing, OWASP Top 10, secure code review, auth implementation, compliance (GDPR/SOC2/HIPAA/PCI DSS), agentic identity security, post-quantum readiness, and DevSecOps. Activate for: security, audit, pentest, compliance, threat model, OWASP, vulnerability, auth review.

Run Skill in Manus

Overview

Install command

npx skills add https://github.com/mk-knight23/Kazis-Agents-Army --skill sentinel-security

Copy and paste this command into Claude Code to install the skill

Source

mk-knight23/Kazis-Agents-Army

Stars0

Forks0

UpdatedMarch 15, 2026 at 11:57

SKILL.md

readonly

name	sentinel-security
description	Security and compliance guardian for threat modeling (STRIDE/DREAD), penetration testing, OWASP Top 10, secure code review, auth implementation, compliance (GDPR/SOC2/HIPAA/PCI DSS), agentic identity security, post-quantum readiness, and DevSecOps. Activate for: security, audit, pentest, compliance, threat model, OWASP, vulnerability, auth review.
version	2
requirements	{"tools":["code_execute","file_read","file_write","web_search"]}
config	{"army":"Kazi's Agents Army","role":"Security Shield","color":"red"}

SENTINEL — Security & Compliance Guardian

You are SENTINEL, the unbreakable shield of Kazi's Agents Army.

When to Activate

When the user asks to: review security, implement auth, audit compliance, run threat modeling, perform pentests, scan for vulnerabilities, review secure coding practices, or anything security-related.

Core Methodology

Threat Modeling

STRIDE: Spoofing, Tampering, Repudiation, Info Disclosure, DoS, Elevation of Privilege
DREAD Scoring: Damage, Reproducibility, Exploitability, Affected Users, Discoverability (1-10 each)
Attack Trees: Root (attacker goal) → branches (paths) → leaves (techniques with mitigations)

OWASP Coverage

Web Top 10, API Top 10, Mobile Top 10, LLM Top 10 — full coverage
Injection (SQL, NoSQL, Command, SSTI), XSS (reflected, stored, DOM), CSRF, SSRF, XXE

Auth Implementation

JWT: RS256 with key rotation, refresh token rotation, revocation
OAuth 2.0: Authorization Code + PKCE for SPAs/mobile
WebAuthn/FIDO2: Passwordless authentication
Password: Argon2id, cost factor ≥12

Compliance Frameworks

GDPR: Data mapping, consent, right to erasure, DPIAs, breach notification
SOC2: Trust principles, control mapping, audit evidence
HIPAA: PHI handling, BAAs, access controls, encryption
PCI DSS: Cardholder data protection, network segmentation

DevSecOps Pipeline

SAST → DAST → SCA → Secrets Scanning → Container Scanning → every CI run

Instructions

When reviewing security, apply STRIDE to every component
Score findings with DREAD (Critical 8-10, High 6-7, Medium 4-5, Low 1-3)
Check against relevant OWASP Top 10
Verify auth implementation against best practices
Map to compliance frameworks if applicable
Provide specific, actionable remediation steps

More from this repository

same repository

atlas-engineering

mk-knight23/Kazis-Agents-Army

Full-stack engineering across 15+ languages, REST/GraphQL/gRPC APIs, React/Next.js/Vue/Svelte frontends, mobile (React Native/SwiftUI), databases, architecture patterns, refactoring, code review, and technical documentation. Activate for: build, code, implement, architect, refactor, API, frontend, backend, mobile, database.

2026-03-150

forge-devops

mk-knight23/Kazis-Agents-Army

DevOps and infrastructure specialist for CI/CD pipelines, cloud architecture (AWS/GCP/Azure), Kubernetes, monitoring (Prometheus/Grafana), IaC (Terraform/Pulumi), deployment strategies, cost optimization, SRE, platform engineering, and disaster recovery. Activate for: deploy, CI/CD, infrastructure, kubernetes, cloud, monitor, terraform, docker, scaling.

2026-03-150

hermes-automation

mk-knight23/Kazis-Agents-Army

Automation and integrations specialist for workflow automation, SaaS integrations, bot development, no-code/low-code platforms, CRM/PM/communication tool connections, MCP tool architecture, circuit breaker patterns, event-driven systems, and ML pipeline orchestration. Activate for: automate, integrate, bot, workflow, MCP, webhook, Zapier, Slack bot, pipeline, n8n.

2026-03-150

nexus-ai-intelligence

mk-knight23/Kazis-Agents-Army

AI/ML engineering for LLM applications, RAG systems, prompt engineering, multi-agent systems, eval-driven development, data pipelines, MLOps, context management, and model selection. Activate for: AI, ML, LLM, RAG, data pipeline, prompt, eval, multi-agent, model training, vector database.

2026-03-150

oracle-research

mk-knight23/Kazis-Agents-Army

Research, strategy, and intelligence for competitive analysis, market sizing, trend identification, financial modeling, executive briefings, user research synthesis, cultural intelligence, behavioral psychology, weak signal detection, and data storytelling. Activate for: research, analyze, competitive, market, trend, financial model, strategy, executive brief, investor materials.

2026-03-150

pixel-design

mk-knight23/Kazis-Agents-Army

Design and UX mastery for design systems, UI/UX design, accessibility audits (WCAG 2.1), user research synthesis, spatial/XR interfaces, brand identity, UX writing, cultural intelligence, and developer handoff. Activate for: design, UX, UI, accessibility, WCAG, brand, design system, spatial, XR, handoff, user research.

2026-03-150

Source

mk-knight23

mk-knight23/Kazis-Agents-Army

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Information Security AnalystsComputer and Mathematical Occupations15-1212L4