SSH/GPG Skills

Configure SSH agent for passphrase caching and secure agent forwarding — ssh-agent setup, keychain integration, forwarding to remote hosts, and security considerations.

Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization.

Perform language and framework specific security best-practice reviews and suggest improvements.

Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model.

Set up GPG commit signing with Git — key generation, Git configuration, GitHub verified badges, gpg-agent caching, and SSH signing as a modern alternative.

Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening.

Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks.

Create or refine a concise, normative security policy ("Blue Book") for sensitive applications.

Derive security requirements from threat models and business context.

Configure ~/.ssh/config for efficient multi-host management — host aliases, per-host keys, jump/bastion hosts, connection multiplexing, Match blocks for conditional logic, and wildcard patterns for fleet-scale SSH management.