Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From role-database
Hardens database security across PostgreSQL, MySQL, MongoDB, Redis: authentication (SCRAM, LDAP, Kerberos), RBAC/RLS, encryption (TDE, TLS), audit logging (pgAudit), SQL injection prevention, data masking, compliance (GDPR, HIPAA).
npx claudepluginhub rnavarych/alpha-engineer --plugin role-databaseHow this skill is triggered — by the user, by Claude, or both
Slash command
/role-database:database-securityThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Load from `references/` based on what's needed:
Enforces database security for schema design, access control, encryption, and operational hardening. Use when building, reviewing, or auditing database schemas, connection handling, credential management, or deployment configuration.
Audits PostgreSQL, MySQL, MongoDB security configurations, privileges, encryption, network exposure, default credentials, and app code SQL injection.
Provides database security guidance: TDE encryption at rest, TLS in transit, RBAC/ABAC access control, SQL injection prevention. SQL examples for PostgreSQL, SQL Server, Oracle.
Share bugs, ideas, or general feedback.
Load from references/ based on what's needed:
Authentication methods comparison (SCRAM, certificates, LDAP, IAM) across PostgreSQL, MySQL, MongoDB, Redis. PostgreSQL pg_hba.conf patterns, password policy guidance. RBAC with least-privilege role setup in PostgreSQL. Row Level Security policies (tenant isolation, admin override, FORCE RLS). Column-level security via REVOKE and views. Audit logging: pgAudit config, MySQL Enterprise audit, MongoDB audit filter. Load when: configuring authentication, setting up access controls, or implementing audit logging.
TLS/SSL configuration for PostgreSQL and MySQL (TLSv1.3). Encryption at rest comparison table (TDE, WiredTiger, cloud KMS). Column-level encryption with pgcrypto (encrypt/decrypt examples). SQL injection prevention: parameterized queries and defense layers. Network security best practices (private subnet, security groups, PrivateLink). Static and dynamic data masking. Compliance requirements table (PCI DSS, HIPAA, GDPR, SOX, SOC 2). Load when: configuring encryption, hardening network access, or meeting compliance requirements.