Skill UI

A comprehensive guide for implementing SAML 2.0 Single Sign-On (SSO) using Okta as the Identity Provider (IdP). This skill covers end-to-end configuration, including SP-initiated and IdP-initiated flows, secure attribute mapping, advanced certificate management (SHA-256, AES-256), and security hardening practices required for enterprise-grade identity access management (IAM) deployments. Learn to establish robust and compliant authentication architecture.

This skill leverages the VirusTotal API to perform comprehensive threat intelligence enrichment on file hashes (MD5, SHA-1, SHA-256). It retrieves detection rates from 70+ AV engines, behavioral sandbox reports, associated indicators of compromise (IOCs), and contextual threat data. Use this tool for rapid SOC triage, accurate incident response validation, and enhancing threat hunting workflows.

This skill simulates and detects critical software supply chain attacks, including typosquatting via Levenshtein distance, dependency confusion detection against private registries, and package integrity verification using SHA-256 hashing. It also performs comprehensive vulnerability scanning against known CVEs using pip-audit. It is essential for security assessments, compliance audits, and incident response when validating software component trustworthiness.

This guide addresses the critical difference between standard Node.js SHA3-256 and the Keccak-256 hash function required by Ethereum. Using the wrong hash function can silently corrupt calculated function selectors, event topics, storage slots, and derived addresses. It provides best practices and code examples for using dedicated libraries (like ethers, viem, web3.js) to ensure correct, Ethereum-compliant hashing in JavaScript and TypeScript environments.

This skill provides robust mechanisms to verify the integrity of AI agent plugins, tools, and dependencies. It generates deterministic SHA-256 manifests (INTEGRITY.json) for all components, allowing users to detect unauthorized modifications, track provenance, and ensure that deployed assets match their published versions. Use this during CI/CD pipelines, code review, and pre-production promotion to secure the entire agent ecosystem.

This comprehensive guide outlines essential security best practices for integrating with Adobe APIs. It covers securing OAuth credentials, implementing least-privilege scoping, managing zero-downtime credential rotation, and verifying I/O Events webhook signatures using cryptographic methods like RSA-SHA256. Essential for building secure, production-ready applications connected to Adobe services.

Implements robust webhook event handling for Flexport, enabling real-time tracking and processing of critical logistics updates. It manages shipment milestones (e.g., departed, arrived, delivered), booking confirmations, PO changes, and invoice events. Includes signature verification (HMAC-SHA256) and idempotent processing to ensure reliable supply chain data integration.

A comprehensive guide to implementing secure integration practices for Linktree APIs. Covers critical topics including secure secret management, robust webhook signature verification (HMAC-SHA256), input sanitization against XSS, and data redaction of Personally Identifiable Information (PII). Essential for developing resilient and secure third-party integrations.

This comprehensive guide details the implementation of secure, event-driven webhooks for Adobe I/O Events. It covers the complete lifecycle, including programmatic webhook registration, handling the challenge-response handshake, implementing robust RSA-SHA256 signature verification, and routing incoming events from services like Creative Cloud and Experience Platform. Essential for building mission-critical, integrated backend systems within the Adobe ecosystem.

Implement robust webhooks for Attio v2, allowing real-time subscription to CRM events (record, note, task, etc.). This skill covers setting up subscriptions, verifying event signatures using HMAC-SHA256 for security, filtering events by object or attribute, and ensuring processing idempotency. It is essential for integrating Attio with external systems like Notion or custom CRMs.

This skill provides a comprehensive guide to implementing and managing BambooHR webhooks. It covers both global and permissioned webhook types, detailing the process from API setup to robust payload handling. Key security aspects include HMAC-SHA256 signature validation for ensuring data integrity and authenticity. Ideal for developers needing to build real-time employee synchronization triggers, process employee creation, updates, or deletions, and integrate BambooHR data into other enterprise systems.

A comprehensive guide detailing security best practices for integrating with ElevenLabs. It covers secure API key management using environment variables, implementing Git pre-commit hooks, and demonstrating robust webhook signature verification using HMAC-SHA256. This ensures secure data handling, replay protection, and proper voice data governance.