Skip to main content

SEC-ENCRYPTION

Guide selection and use of cryptography for medical devices: algorithms, key derivation, data at rest/in transit, library choice, and FIPS considerations.

v1.0.0New
0

Unsigned, install at your own risk

Unverified

This skill has no cryptographic signature attached. We can't verify the contents match what the publisher intended.

Install this skill

Run this command in your terminal. No account required — it auto-detects your AI tool and installs the skill file.

npx @skills-hub-ai/cli install meddev-skills-sec-encryption
Or download directly:
Browse all CLI commands →

Setup by platform

Claude Code

~/.claude/skills/<skill>/SKILL.md

Setup guide →

Install

One-click setup for your editor

Run in your project root

npx @skills-hub-ai/cli install meddev-skills-sec-encryption --target claude-code

Instructions

This skill doesn’t include stateful context yet, instructions only. Learn about stateful skills.

Security

Loading security scan...

Reviews (0)

Browse all

More from Medical Device Skills

View source

More Security skills

Browse category
pentestStatic-analysis penetration test that hunts for exploitable vulnerabilities with proof-of-concept payloads and fix code. Covers SQL and NoSQL injection (string concatenation, raw queries, operator injection), XSS (reflected, stored, DOM-based, template injection, dangerouslySetInnerHTML), authentication bypass (missing auth middleware, JWT algorithm confusion, predictable tokens, OAuth state CSRF), authorization flaws (IDOR, mass assignment, horizontal/vertical privilege escalation), path traversal and file inclusion (unsanitized file paths, upload validation, LFI), command injection (exec, system, subprocess with user input), CSRF and SSRF (missing SameSite, user-supplied URLs, open redirects), hardcoded secrets (AWS keys, private keys, JWT secrets, connection strings, .env in git), and insecure deserialization (pickle, yaml.load, XXE, ObjectInputStream). Maps full attack surface with route inventory. Use for pre-release security validation, finding exploitable bugs, or generating pen3 installscheck-vantaFetches dependency vulnerabilities from Vanta, Snyk, Dependabot, or GitHub Security Advisories, creates a tracking issue in Jira/Linear/GitHub Issues, then fixes, commits, pushes, and opens PRs for each affected repo. Trigger on: vulnerabilities, security scan, Vanta, CVE, dependency audit, Snyk, Dependabot.2 installssecureFull-stack security posture assessment with 0-100 risk scoring. Scans dependency vulnerabilities (npm audit, pip-audit, cargo audit, govulncheck), dangerous code patterns (SQL injection, eval, command injection, ReDoS, innerHTML, XSS vectors), authentication gaps (missing auth middleware, CSRF, hardcoded JWT secrets, insecure session flags), insecure crypto (MD5/SHA1 password hashing, Math.random for tokens, hardcoded encryption keys), configuration issues (exposed .env files, debug mode, permissive CORS, missing security headers CSP/HSTS, Docker root containers, default credentials), and data handling problems (PII in logs, missing input validation, file upload exploits, missing rate limiting). Produces a prioritized risk report and routes to specialized skills (pentest, owasp, gdpr, encryption, soc2). Use as a first-pass security triage before deeper audits or before shipping to production.2 installsgdprGDPR and CCPA/CPRA privacy compliance audit for codebases. Inventories PII fields (email, phone, SSN, IP, device ID, geolocation, biometrics, behavioral data), maps data collection points (forms, APIs, cookies, analytics, error tracking), audits consent mechanisms (cookie banners, opt-in, pre-checked boxes, consent withdrawal), verifies data subject rights implementation (right to access, erasure, rectification, portability, opt-out, Do Not Sell), traces third-party data sharing (Google Analytics, Facebook Pixel, Stripe, SendGrid, Sentry), and checks data retention policies and automated purging. Use when auditing privacy compliance, building data export or deletion endpoints, reviewing cookie consent, or assessing DSAR readiness.1 installsowaspSystematic audit against the OWASP 2021 Top 10 web application security risks with severity-rated, file-level findings. Checks A01 Broken Access Control (IDOR, path traversal, CORS, privilege escalation), A02 Cryptographic Failures (weak algorithms, exposed secrets, missing TLS), A03 Injection (SQL, NoSQL, command, XSS, LDAP, XPath, template injection), A04 Insecure Design (missing rate limiting, business logic flaws, race conditions), A05 Security Misconfiguration (debug mode, default credentials, missing security headers, CSP), A06 Vulnerable Components (dependency CVEs, outdated frameworks, EOL runtimes), A07 Auth Failures (weak passwords, session fixation, missing MFA), A08 Data Integrity (insecure deserialization, CI/CD integrity, dependency confusion), A09 Logging Failures (missing security events, PII in logs, log injection), A10 SSRF (user-supplied URLs, cloud metadata access, DNS rebinding). Use for web app security audits, pre-release security checks, or compliance evidence g1 installssoc2SOC 2 Type II readiness assessment against all five Trust Service Criteria. Evaluates Security controls (CC6/CC7 -- RBAC, access provisioning/removal, network segmentation, TLS enforcement, input validation, vulnerability management, incident detection and response), Availability controls (A1 -- capacity management, auto-scaling, backup frequency, disaster recovery, RTO/RPO, health checks, uptime monitoring), Processing Integrity (PI1 -- data validation, error handling, transaction logging, idempotency, race condition protection), Confidentiality (C1 -- data classification, encryption at rest and in transit, access logging, secure disposal, key rotation), and Privacy (P1-P8 -- notice, consent, collection limitation, retention/disposal, data access/export, third-party disclosure, data quality, privacy monitoring). Produces a control-by-control PASS/PARTIAL/FAIL matrix with evidence references, remediation roadmap, and evidence collection checklist. Use when preparing for a SOC 2 audit, 1 installs

Frequently asked questions about SEC-ENCRYPTION

What does the SEC-ENCRYPTION skill do?

Guide selection and use of cryptography for medical devices: algorithms, key derivation, data at rest/in transit, library choice, and FIPS considerations. It's a reusable SKILL.md instruction set that loads into your AI coding assistant on demand, no prompt engineering, no copy-pasting every session.

How do I install the SEC-ENCRYPTION skill?

Run `npx @skills-hub-ai/cli install meddev-skills-sec-encryption` from your terminal. The CLI writes the SKILL.md to the correct location for your AI tool (e.g. ~/.claude/skills/meddev-skills-sec-encryption/ for Claude Code or ~/.cursor/skills/ for Cursor with --target cursor) and adds it to your project's .skills.json lockfile.

Which AI tools does SEC-ENCRYPTION work with?

SEC-ENCRYPTION runs in Claude Code. It follows the open Agent Skills standard (SKILL.md), so the same skill works in every supported tool without modification.

Is the SEC-ENCRYPTION skill free?

Yes. Every skill on skills-hub.ai is free and open-source. There are no premium tiers, paywalls, or usage limits. You only pay for whatever AI assistant you're already using.

How do I use SEC-ENCRYPTION after installing it?

In Claude Code, type `/meddev-skills-sec-encryption` (or whatever slash command the skill registers) and the AI follows the skill's instructions immediately. You can also reference it by name in natural language, your AI loads the skill into context when relevant.

Can I share the SEC-ENCRYPTION skill with my team?

Yes. Commit your project's .skills.json lockfile and teammates run `npx @skills-hub-ai/cli install` (no args) to install every skill at the exact version you pinned. Organization-scoped installs work via skills-hub.ai organizations.