Skill UI

This comprehensive guide catalogs common anti-patterns and mistakes when deploying applications on Vercel. It covers critical architectural areas such as secret management (preventing key exposure), optimizing serverless function performance (cold start, timeouts), adhering to Edge Runtime standards, and resolving configuration errors. Use this skill for code reviews, security audits, and onboarding new developers to ensure best deployment practices.

This skill provides comprehensive operational controls for long-lived, cloud-hosted agent workloads. It manages the entire lifecycle—from deployment and scaling to observability and security. Features include detailed monitoring (logs, metrics, traces), safety controls (kill switches, least privilege), and robust change management processes (rollout, rollback, auditing). Ideal for mission-critical microservices and background agents.

A comprehensive enterprise-grade security engine designed to discover, classify, protect, and govern all credentials, API keys, and secrets across the entire application lifecycle. It provides continuous governance by auditing code repositories, CI/CD pipelines, runtime logs, and infrastructure configurations to prevent exposure and enforce least privilege principles. Ideal for implementing DevSecOps best practices.

Parses Kubernetes API server audit logs to surface exec-into-container activity, secret access, RBAC changes, privileged pod launches, and anonymous calls, helping SOC teams hunt threats or validate SIEM coverage for cluster compromises.

Analyzes Linux auditd logs with ausearch/aureport to spot intrusion attempts, privilege escalations, and tampering while supporting rule tuning and SIEM integration for host-based investigations.

Analyzes Office 365 audit logs via Microsoft Graph to detect inbox rules, email forwarding, delegation changes, OAuth grants, and other compromise indicators for security investigations and monitoring.

Guides configuring Windows Advanced Audit Policy, enabling command-line capture, sizing event logs, and forwarding critical IDs so SOC teams feed high-fidelity security events into SIEMs for detection and investigation.

Detect Azure AD/Entra ID lateral movement by correlating Microsoft Graph audit logs, sign-in anomalies, and Sentinel KQL rules to highlight privilege escalation, token theft, and cross-tenant pivots.

Detects illicit OAuth consent grants in Azure AD / Microsoft Entra ID by enumerating OAuth2 permission grants, reviewing consent audit logs, analyzing permission scopes and publisher verification via Microsoft Graph, and generating risk reports for SOC analysts.

Step-by-step skill to hunt DNS-based persistence by auditing zone baselines, querying SecurityTrails passive DNS, analyzing provider audit logs, and correlating anomalies to malicious infrastructure for actionable reports.

Guide for auditing, enforcing, and monitoring Google Cloud VPC firewall rules to segment networks, limit ingress/egress, apply hierarchical policies, and catch overly permissive configurations with VPC Flow Logs.

Configure Azure AD Privileged Identity Management via Microsoft Graph API to enumerate eligible and active assignments, request just-in-time activations, audit logs, and enforce MFA or approval policies for zero-trust privileged access scenarios.