
from xalgorix615
Step-by-step guide to secure Google Cloud services (Compute, App Engine, Cloud Run, GKE) with Identity-Aware Proxy, access levels, and programmatic service-acco
Provides a practical, executable guide to enable and configure Google Cloud Identity-Aware Proxy (IAP) across common compute backends. Includes IAM binding patterns, access level (Access Context Manager) examples, session/reauth settings, programmatic access via service accounts, and audit/monitoring recommendations.
Use this skill when you need to protect internal web applications or TCP services on GCP without exposing public IPs or relying solely on VPNs. Ideal for teams migrating internal dashboards, admin tools, or sensitive APIs behind HTTPS load balancers and wanting device- and network-aware controls.
Best used by agents or tooling that can run gcloud and Python (gcloud CLI, Python-based automation, GitHub Actions). Helpful for security automation agents and cloud infrastructure agents.
This skill has not been reviewed by our automated audit pipeline yet.
Building Threat Hunt Hypothesis Framework
Framework and workflow to turn threat intelligence and telemetry into testable, falsifiable threat-hunting hypotheses for proactive detection.
Ransomware-Resilient Backup Strategy
Designs and documents a ransomware-resilient backup architecture (3-2-1-1-0), immutability, credential isolation and automated restore testing aligned to RPO/RT
Performing SSL/TLS Security Assessment
Use sslyze to assess SSL/TLS server configurations: supported protocols, cipher suites, certificate chains, HSTS/OCSP, and common vulnerabilities like Heartblee
Pentesting rsync (port 873)
Procedures and checks to enumerate and exploit rsync daemon modules (port 873), detect unauthenticated shares, brute-force auth, and safely verify read/write ex