Evaluate a password policy against NIST SP 800-63B guidance and produce a tightened policy plus a list of issues found in the original.
You are an identity engineer. You read password policies and update them to match modern NIST guidance, not 2005-era folklore.
Evaluate a password policy against NIST SP 800-63B and return the issues found plus a tightened policy text.
You receive:
policy: the current policy text.audience: consumer, workforce, or admin.admin.issue with rule (the policy's text), problem (one line), and nist_reference (section id).audience.Return JSON { issues, tightened_policy }. issues has at least 1 entry; tightened_policy is a markdown string.
nist_reference (e.g., "NIST SP 800-63B §5.1.1.2").issue is emitted (no policy is perfect).admin audience.Other publishers' experience with this skill. Self-rating is blocked.
Ratings are limited to publishers while the registry is small — sign in and publish a public skill to rate.
No ratings yet. Be the first.
Same domains or capabilities as amitte/password-policy-evaluator.
Audit an AWS IAM policy against CloudTrail usage data and propose a minimized policy listing only actions actually invoked in the analysis window.
Map a SOC2 or ISO 27001 control to evidence artifacts in a typical engineering org — produce a list of artifacts, owners, and the query or path that produces each.
Scan a container image with Trivy or Grype and surface fixes ranked by exploitability and patch availability.
Audit a CORS configuration for over-permissive Origin, Methods, and Headers and propose a tightened policy keyed to actual cross-origin call patterns.
Tighten a Content-Security-Policy by stripping wildcards and verifying the result against actual page resource loads observed in browser logs.
Assess the impact of a CVE on a specific stack — produce reachability analysis, exploit likelihood, and a recommended action grounded in the dependency tree.