Skill UI

Azure Key Vault SDK for Python enables secure storage and lifecycle operations for secrets, cryptographic keys, and certificates via SecretClient, KeyClient, CertificateClient and CryptographyClient, including async usage and environment configuration for Azure workloads.

Analyzes APIs, configurations, and interfaces to highlight developer footguns where insecure defaults, primitive types, or unchecked options make misuse easy, guiding secure-by-design reviews in authentication, cryptography, or schema evaluations.

Provides Wycheproof test vectors for validating cryptographic implementations against known attacks and edge cases, making it ideal for CI regression sweeps and third-party crypto audits.

A rigorous, security-focused code review process designed for Pull Requests (PRs), commits, and diffs. It moves beyond general reviews by focusing intensely on high-risk areas such as authentication, cryptography, external calls, and value transfer. The methodology is evidence-based, requiring detailed attack scenario modeling and generating comprehensive, auditable markdown reports to identify overlooked vulnerabilities and regressions.

Guides building a two-tier OpenSSL-based certificate authority hierarchy with Python cryptography, covering root and intermediate CA creation, certificate issuance, CRL/OCSP configuration, and policy enforcement for secure deployments.

Configures mutual TLS authentication between microservices using Python cryptography and ssl modules, generating CA/service certificates, validating chains, checking expiration, and auditing deployment status to enforce zero-trust service-to-service security.

Automate MobSF-powered static analysis for Android APK/AAB files to uncover hardcoded secrets, misconfigurations, risky permissions, and weak cryptography before deployment or during pentests, and gate CI/CD pipelines with measurable security scores.

Assesses enterprise readiness for post-quantum cryptography migration by inventorying quantum-vulnerable algorithms, validating hybrid TLS with X25519MLKEM768, and checking CRYSTALS-Kyber/Dilithium plus oqs-provider OpenSSL agility before transition.

Guidance for Go security engineers covering injection, cryptography, filesystem, network, secrets, memory safety, and logging so audits or coding efforts stay defense-in-depth aware.