skills/cryptography-expert/SKILL.md
# Skill: Cryptography Expert (Principal Level)
# Usage: Use for secure data persistence, encrypted vaults, and sensitive key management.

## 🛡️ Mandatory Standards:
- **AES-256-GCM**: Always prefer Authenticated Encryption (GCM mode) over CBC to prevent padding oracle attacks and ensure data integrity.
- **Argon2 / PBKDF2**: Use professional-grade key derivation for password-based keys. Never use raw SHA-256 for passwords.
- **Cryptographically Secure PRNG**: Always use `secrets` or `os.urandom
`npx skillsauth add shalin-rahman/Synapticity skills/cryptography-expert`

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
3 of 9 scanners reported clean
`secrets` or `os.urandom` for salts, nonces, and IVs. Never use the `random` module.

cryptography.io (Python's leading library) over custom implementations.

```python
import os

from cryptography.hazmat.primitives.ciphers.aead import AESGCM


def encrypt_vault_data(data: bytes, key: bytes) -> bytes:
    """Encrypts data using AES-256-GCM (key must be 32 bytes for AES-256)."""
    aesgcm = AESGCM(key)
    nonce = os.urandom(12)  # 96-bit nonce, the NIST-recommended size for GCM
    ciphertext = aesgcm.encrypt(nonce, data, None)  # ciphertext includes the tag
    return nonce + ciphertext  # store the nonce in front of the ciphertext


def decrypt_vault_data(combined_data: bytes, key: bytes) -> bytes:
    """Decrypts data and verifies integrity.

    Raises cryptography.exceptions.InvalidTag if the key is wrong or the
    data was modified.
    """
    nonce = combined_data[:12]
    ciphertext = combined_data[12:]
    aesgcm = AESGCM(key)
    return aesgcm.decrypt(nonce, ciphertext, None)
```
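The standards above require password-based key derivation, while the vault functions take a ready-made key. The following is an added example, not part of the original skill, that derives the AES-256 key with PBKDF2 and authenticates the stored parameters as GCM associated data. The `VLT1` format tag, the header layout, the names `seal`/`unseal`, the iteration cap and the 600,000-iteration default are assumptions made for illustration.

```python
import os
import struct

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

MAGIC = b"VLT1"                        # hypothetical format tag (assumption)
HEADER = struct.Struct(">4sI16s12s")   # magic, iterations, salt, nonce
MAX_ITERATIONS = 10_000_000            # assumed cap on the stored work factor


def _derive_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 producing a 32-byte key, i.e. AES-256."""
    kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32,
                     salt=salt, iterations=iterations)
    return kdf.derive(password)


def seal(password: bytes, plaintext: bytes, iterations: int = 600_000) -> bytes:
    """Return header || ciphertext+tag with a fresh salt and nonce per call."""
    salt, nonce = os.urandom(16), os.urandom(12)
    header = HEADER.pack(MAGIC, iterations, salt, nonce)
    key = _derive_key(password, salt, iterations)
    # The header is authenticated as associated data, so the format tag and
    # stored parameters cannot be altered without decryption failing.
    return header + AESGCM(key).encrypt(nonce, plaintext, header)


def unseal(password: bytes, blob: bytes) -> bytes:
    """Raise ValueError for malformed input, a wrong password or tampering."""
    if len(blob) < HEADER.size + 16:   # header plus the 16-byte GCM tag
        raise ValueError("vault blob too short")
    header = blob[:HEADER.size]
    magic, iterations, salt, nonce = HEADER.unpack(header)
    if magic != MAGIC or not 1 <= iterations <= MAX_ITERATIONS:
        raise ValueError("unknown format or implausible iteration count")
    key = _derive_key(password, salt, iterations)
    try:
        return AESGCM(key).decrypt(nonce, blob[HEADER.size:], header)
    except InvalidTag:
        raise ValueError("wrong password or modified vault") from None
```

The iteration count is read before the tag can be verified, which is why `unseal` bounds it: an unchecked value from storage would let a corrupted file force an arbitrarily long key derivation.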