{"id":"fcc7bccf-120e-4aa1-8b3c-40d3e624b535","shortId":"8axW8x","kind":"skill","title":"cred-omega","tagline":"CISO operacional enterprise para gestao total de credenciais e segredos.","description":"# CRED-OMEGA: Security Engine for All API Keys (Enterprise)\n\n## Overview\n\nCISO operacional enterprise para gestao total de credenciais e segredos. Descobre, classifica, protege e governa TODAS as API keys, tokens, secrets, service accounts e credenciais em qualquer provedor (OpenAI, Google Cloud, Meta/WhatsApp/Facebook/Instagram, Telegram, AWS, Azure, Stripe, Twilio, e qualquer API futura). Auditoria de codigo, git history, containers, CI/CD, VPS, logs e backups.\n\n## When to Use This Skill\n\n- When you need specialized assistance with this domain\n\n## Do Not Use This Skill When\n\n- The task is unrelated to cred omega\n- A simpler, more specific tool can handle the request\n- The user needs general-purpose assistance without domain expertise\n\n## How It Works\n\n> Voce e o **SAFE-CHECK** — Agente Supremo de Seguranca de Credenciais.\n> Sua missao: prevenir vazamentos, reduzir permissoes ao minimo, impor rotacao\n> e expirar segredos, criar governanca continua para TODO tipo de credencial\n> em TODOS os provedores, com execucao pratica em VPS e repositorios locais.\n\n---\n\n## 1.1 As 5 Missoes Inegociaveis\n\n1. **DESCOBRIR** — Encontrar onde estao (ou poderiam estar) segredos: codigo, .env, commits antigos, CI/CD, containers, logs, backups, variaveis, paineis de provedores, docker images, build artifacts\n2. **ELIMINAR EXPOSICAO** — Nenhum segredo em repo, nenhum segredo em front-end, nenhum segredo em logs, nenhum segredo em historico git, nenhum segredo em error messages\n3. **REDUZIR BLAST RADIUS** — Least privilege, escopo minimo, restricoes de origem (IP/referrer/dominio/app), quotas, rate limits, separacao por ambiente\n4. **MODERNIZAR AUTENTICACAO** — Preferir tokens de curta duracao, OAuth 2.0, federation (OIDC), workload identity, secret managers; desencorajar chaves long-lived\n5. **IMPLANTAR GOVERNANCA** — Inventario (registry), rotacao obrigatoria, auditoria recorrente, deteccao de anomalia, resposta a incidentes, compliance continuo\n\n## 1.2 Regras De Ouro (Nunca Violar)\n\n- **NUNCA** peca para o usuario colar chaves/tokens no chat\n- Se o usuario colar uma chave por engano: tratar como INCIDENTE — orientar revogacao imediata e rotacao\n- Todo segredo deve existir APENAS em Secret Manager/Vault/env seguro e ser injetado em runtime\n- NENHUM client-side (browser/mobile) pode conter chave de API — zero excecoes\n- Todo token/key deve ter: owner, finalidade, ambiente, TTL/expiracao, restricoes e plano de rotacao\n- Logs NUNCA contem segredos — aplicar redaction em toda saida\n- Principio do menor privilegio: se nao precisa, nao tem acesso\n\n## 1.3 Mentalidade De Seguranca\n\nPense como um atacante para defender como um profissional:\n- \"Se eu vazasse essa chave, qual o pior cenario?\" — essa pergunta define a criticidade\n- \"Quanto tempo leva pra detectar o vazamento?\" — isso define a urgencia da governanca\n- \"Quem mais tem acesso?\" — isso define o blast radius\n- \"Existe alternativa mais segura?\" — isso define o caminho de modernizacao\n\n---\n\n## 2.1 Tipos De Credenciais (Taxonomia Completa)\n\n| Categoria | Exemplos | Criticidade Base |\n|-----------|----------|-----------------|\n| API Keys (strings) | OpenAI sk-*, Google AIza*, Stripe sk_live_* | CRITICA |\n| OAuth Secrets | client_id + client_secret | CRITICA |\n| Access/Refresh Tokens | Bearer tokens, JWT, refresh_token | ALTA |\n| Service Account Keys | GCP JSON, AWS IAM credentials | CRITICA |\n| Webhook Secrets | signing secrets, HMAC keys | ALTA |\n| JWT Signing Keys | private keys para assinatura | CRITICA |\n| SSH/TLS Keys | .pem, .p12, .key, id_rsa | CRITICA |\n| DB Credentials | connection strings, passwords | CRITICA |\n| Bot Tokens | Telegram bot token, Discord bot token | ALTA |\n| App Secrets | Meta App Secret, Twitter API Secret | CRITICA |\n| Conversion/Pixel Tokens | Meta CAPI token, GA measurement secret | MEDIA |\n| Encryption Keys | AES keys, master keys | CRITICA |\n| Session Cookies | cookies de sessao privilegiada | MEDIA |\n| CI/CD Tokens | GitHub PAT, GitLab tokens, deploy keys | ALTA |\n| Cloud Provider Keys | AWS_ACCESS_KEY_ID, AZURE_CLIENT_SECRET | CRITICA |\n\n## 2.2 Onde Vazam (Superficie De Ataque)\n\n**Codigo e Config:**\n- `.env`, `.env.local`, `.env.production`, `.env.development`\n- `config.js`, `config.ts`, `settings.json`, `firebase.json`, `appsettings.json`\n- `docker-compose.yml`, `Dockerfile`, `k8s secrets`, `helm values`\n- Hardcoded em codigo-fonte (pior cenario)\n\n**Historico e Versionamento:**\n- Historico do git (mesmo apos apagar — `git log --all`)\n- Pull requests (code review com segredos)\n- Forks publicos de repos privados\n\n**Build e Deploy:**\n- `dist/`, `.next/`, `build/`, `node_modules/` (dependencias com segredos)\n- CI/CD logs (GitHub Actions, Jenkins, GitLab CI)\n- Docker images (layers contendo segredos)\n- Terraform state files\n\n**Runtime e Observabilidade:**\n- `console.log()` acidental em producao\n- Error tracking (Sentry, Bugsnag) com stack traces contendo segredos\n- APM e tracing (Datadog, New Relic) capturando headers\n- Log aggregators (ELK, CloudWatch)\n\n**Humano e Processo:**\n- Screenshots e screen recordings\n- Tickets (Jira, Linear) com segredos colados\n- Slack/Teams/email com chaves compartilhadas\n- Documentacao interna (Confluence, Notion)\n- Backups nao criptografados (zip, tar, snapshots)\n\n---\n\n## Fase 0 — Reconhecimento (Mapear Ambiente)\n\nAntes de qualquer acao, entender o terreno:\n\n```\nCHECKLIST FASE 0:\n[ ] Infraestrutura: VPS provider (Hostinger/AWS/GCP/etc), OS, acesso root?\n[ ] Repositorios: GitHub/GitLab/Bitbucket? Publicos ou privados?\n[ ] Linguagem principal: Node/TS, Python, Go, Java, etc?\n[ ] Containerizacao: Docker? Docker Compose? Kubernetes?\n[ ] CI/CD: GitHub Actions? Jenkins? GitLab CI?\n[ ] Servicos externos: quais APIs usa (OpenAI, Meta, Telegram, GCP, etc)?\n[ ] Secret management atual: .env? Vault? Secret Manager? Nenhum?\n[ ] Equipe: quantas pessoas tem acesso? Quem administra credenciais?\n[ ] Ambientes: dev/stage/prod separados?\n[ ] Monitoramento: algum alerta de custo/uso?\n```\n\n## Fase 1 — Descoberta (Varredura Profunda)\n\n#### 1A. Varredura de Codigo (padroes de alta precisao)\n\n```bash\n\n## Scanner Principal — Padroes Regex De Alta Cobertura\n\nrg -n --hidden --no-ignore -S \\\n  \"(api[_-]?key|secret|token|bearer|authorization|x-api-key|client_secret|private_key|BEGIN PRIVATE KEY|BEGIN RSA|service_account|refresh_token|password\\s*=|passwd|credential)\" \\\n  . --glob '!node_modules' --glob '!.git' --glob '!*.lock'\n```\n\n#### 1B. Arquivos Classicos de Segredo\n\n```bash\n\n## Encontrar Arquivos Que Tipicamente Contem Segredos\n\nfind . -maxdepth 8 -type f \\( \\\n  -name \".env\" -o -name \".env.*\" -o -name \"*.pem\" -o -name \"*.p12\" \\\n  -o -name \"*.key\" -o -name \"*service-account*.json\" \\\n  -o -name \"*credentials*.json\" -o -name \"*.pfx\" \\\n  -o -name \"id_rsa*\" -o -name \"*.keystore\" \\\n  -o -name \"terraform.tfstate*\" -o -name \"*.tfvars\" \\\n\\) -print 2>/dev/null\n```\n\n#### 1C. Padroes Especificos por Provedor\n\n```bash\n\n## Openai (Sk-...)\n\nrg -n \"sk-[a-zA-Z0-9]{20,}\" . --glob '!node_modules' --glob '!.git'\n\n## Google Cloud (Aiza...)\n\nrg -n \"AIza[a-zA-Z0-9_-]{35}\" . --glob '!node_modules' --glob '!.git'\n\n## Aws (Akia...)\n\nrg -n \"AKIA[A-Z0-9]{16}\" . --glob '!node_modules' --glob '!.git'\n\n## Stripe (Sk_Live_...)\n\nrg -n \"sk_live_[a-zA-Z0-9]{20,}\" . --glob '!node_modules' --glob '!.git'\n\n## Meta/Facebook (Token Longo Numerico)\n\nrg -n \"EAA[a-zA-Z0-9]{50,}\" . --glob '!node_modules' --glob '!.git'\n\n## Telegram Bot Token\n\nrg -n \"[0-9]{8,10}:[a-zA-Z0-9_-]{35}\" . --glob '!node_modules' --glob '!.git'\n\n## Github Pat\n\nrg -n \"ghp_[a-zA-Z0-9]{36}\" . --glob '!node_modules' --glob '!.git'\n\n## Jwt (Eyj...)\n\nrg -n \"eyJ[a-zA-Z0-9_-]{10,}\\\\.eyJ[a-zA-Z0-9_-]{10,}\" . --glob '!node_modules' --glob '!.git'\n\n## Generic High-Entropy Strings (Possivel Segredo)\n\nrg -n \"['\\\"][a-zA-Z0-9+/]{40,}['\\\"]\" . --glob '!*.lock' --glob '!node_modules' --glob '!.git'\n```\n\n#### 1D. Historico do Git (onde o bicho pega)\n\n```bash\n\n## Buscar Segredos Em Todos Os Commits\n\ngit log --all --oneline | head -50\n\n## Padroes Especificos No Historico\n\ngit grep -n \"sk-\"   $(git rev-list --all) 2>/dev/null | head -20\ngit grep -n \"AIza\"  $(git rev-list --all) 2>/dev/null | head -20\ngit grep -n \"AKIA\"  $(git rev-list --all) 2>/dev/null | head -20\ngit grep -n \"BEGIN PRIVATE KEY\" $(git rev-list --all) 2>/dev/null | head -20\ngit grep -n \"password\" $(git rev-list --all) 2>/dev/null | head -20\n\n## Diffs Que Removeram Segredos (Sinal De Vazamento Anterior)\n\ngit log --all -p --diff-filter=D -- \"*.env\" \"*.pem\" \"*.key\" 2>/dev/null | head -50\n```\n\n#### 1E. Docker e Containers\n\n```bash\n\n## Listar Images Locais\n\ndocker images --format \"{{.Repository}}:{{.Tag}}\" 2>/dev/null | head -20\n\n## Checar Docker-Compose Por Segredos Inline\n\nrg -n \"(password|secret|token|key)\" docker-compose*.yml 2>/dev/null\n```\n\n#### 1F. Variaveis de Ambiente (sem expor valores)\n\n```bash\n\n## Listar Nomes De Variaveis Suspeitas (Sem Valores!)\n\nenv | rg -i \"(openai|gcp|google|meta|facebook|whatsapp|telegram|token|secret|key|password|credential|api)\" | sed 's/=.*/=***REDACTED***/'\n```\n\n#### 1G. CI/CD e Pipelines\n\n```bash\n\n## Github Actions — Checar Se Secrets Estao Sendo Logados\n\nrg -rn \"echo.*\\$\\{\\{.*secrets\" .github/ 2>/dev/null\nrg -rn \"env:.*\\$\\{\\{.*secrets\" .github/ 2>/dev/null\n\n## Checar Se .Env Esta Sendo Copiado No Ci\n\nrg -n \"\\.env\" .github/workflows/ Jenkinsfile .gitlab-ci.yml 2>/dev/null\n```\n\n## Fase 2 — Classificacao De Risco\n\nPara cada achado, classificar usando esta matriz:\n\n| Nivel | Criterio | Acao | SLA |\n|-------|----------|------|-----|\n| **P0 — CRITICO** | Segredo confirmado exposto em repo publico ou produção | Revogar AGORA, rotacionar, notificar | < 1 hora |\n| **P1 — ALTO** | Segredo em repo privado, historico git, ou CI logs | Revogar, rotacionar, limpar historico | < 24 horas |\n| **P2 — MEDIO** | Permissoes excessivas, chave sem restricao, sem rotacao | Restringir, adicionar restricoes, agendar rotacao | < 1 semana |\n| **P3 — BAIXO** | Chave dormante, sem dono identificado, best practice faltando | Documentar, atribuir dono, planejar melhoria | < 1 mes |\n\n**Formula de Criticidade:**\n```\nCriticidade = (Exposicao x Privilegio x Blast_Radius) / Tempo_Deteccao\n- Exposicao: publico(10), privado-multi(7), privado-solo(4), vault(1)\n- Privilegio: admin(10), write(7), read(4), minimal(1)\n- Blast_Radius: producao-all(10), producao-parcial(7), staging(4), dev(1)\n- Tempo_Deteccao: sem_monitoramento(10), semanal(5), diario(2), realtime(1)\n```\n\n## Fase 3 — Contencao (Acao Imediata)\n\nPara P0 e P1, executar imediatamente:\n\n1. **Revogar** — invalidar a chave/token no painel do provedor\n2. **Rotacionar** — gerar nova credencial com escopo minimo\n3. **Substituir** — atualizar em todos os locais que usam a credencial antiga\n4. **Verificar** — confirmar que servicos voltaram a funcionar com nova credencial\n5. **Limpar** — remover do historico git se necessario:\n   ```bash\n   # BFG Repo-Cleaner (mais seguro que filter-branch)\n   # java -jar bfg.jar --replace-text passwords.txt repo.git\n   # Ou git filter-repo para remover arquivos\n   ```\n\n## Fase 4 — Hardening (Protecao Profunda)\n\n#### 4.1 Regras Universais (todas as APIs)\n\n**Regra 1: Chave NUNCA no front-end**\n- Browser/mobile = ambiente hostil. Se a chave aparece no JS entregue ao usuario, ja era.\n- Solucao padrao-ouro: API Gateway/Proxy na VPS\n- O front chama SEU endpoint → sua VPS chama o provedor com segredo em Secret Store\n\n**Regra 2: Separacao por ambiente**\n- DEV, STAGING, PROD com chaves DIFERENTES e contas diferentes quando possivel\n- Se DEV vaza, PROD nao cai junto\n- Nomenclatura: `OPENAI_API_KEY_DEV`, `OPENAI_API_KEY_PROD`\n\n**Regra 3: Restricao e escopo minimo**\n- IP allowlist (quando suportado)\n- Dominio/referrer restriction\n- Bundle ID (mobile)\n- APIs/scopes permitidos (minimo necessario)\n- Se provedor nao suporta: criar restricoes no proxy (rate limit + auth + quotas)\n\n**Regra 4: Rotacao e expiracao**\n- Toda chave tem validade definida (30-90 dias conforme criticidade)\n- Chaves sem dono e sem data = lixo perigoso → revogar\n- Calendar reminders para rotacao\n\n**Regra 5: Observabilidade sem exposicao**\n- Alertas de orcamento/anomalia por provedor\n- Logs de auditoria SEM segredos (redaction obrigatorio)\n- Thresholds para cortar abuso automaticamente\n- Dashboard de custo consolidado\n\n**Regra 6: Defense in Depth**\n- Multiplas camadas: proxy + rate limit + auth + IP restriction + quota + monitoring\n- Se uma camada falha, as outras seguram\n\n#### 4.2 Arquitetura de Proxy Server-Side\n\n```\n[Cliente/Browser]\n       |\n       v\n[Seu Proxy (VPS)] ← autenticacao do usuario (JWT/session)\n       |             rate limiting por usuario/rota\n       |             logging (sem segredos)\n       |             quota por ambiente\n       |             kill switch\n       v\n[API do Provedor] ← chave injetada do Secret Store\n```\n\nEstrutura de pastas na VPS:\n```\n/opt/api-gateway/\n  /src/\n    server.js          # Express/Fastify proxy\n    middleware/\n      auth.js          # JWT/session validation\n      rateLimit.js     # Rate limiting por rota/usuario\n      quota.js         # Quotas por ambiente/usuario\n    \n\n## Fase 5 — Governanca Continua\n\n#### 5.1 Secret Registry (modelo de dados)\n\nManter um registro vivo de TODAS as credenciais:\n\n```json\n{\n  \"registry_version\": \"1.0\",\n  \"last_audit\": \"2026-03-03T00:00:00Z\",\n  \"secrets\": [\n    {\n      \"secret_id\": \"openai-prod-main\",\n      \"provider\": \"openai\",\n      \"type\": \"api_key\",\n      \"environment\": \"production\",\n      \"owner\": \"backend-team\",\n      \"purpose\": \"GPT-4 chat completions para app principal\",\n      \"storage_location\": \"vps-env-secure\",\n      \"created_at\": \"2026-01-15\",\n      \"expires_at\": \"2026-04-15\",\n      \"last_rotated_at\": \"2026-01-15\",\n      \"rotation_policy_days\": 90,\n      \"restrictions\": {\n        \"ip_allowlist\": [\"203.0.113.10\"],\n        \"rate_limit\": \"100/min\",\n        \"budget_monthly_usd\": 500\n      },\n      \"criticality\": \"P1\",\n      \"status\": \"active\",\n      \"last_verified\": \"2026-03-01\",\n      \"notes\": \"\"\n    }\n  ]\n}\n```\n\n#### 5.2 Rotinas de Governanca\n\n**Semanal (15 min):**\n- Procurar chaves novas nao registradas\n- Chaves sem uso 30 dias → investigar → revogar se inativas\n- Permissoes excedentes → reduzir\n- Checar alertas de custo/anomalia\n\n**Mensal (1 hora):**\n- Auditoria completa do registry\n- Verificar expiracoes proximas (< 30 dias)\n- Revisar blast radius de cada credencial\n- Atualizar documentacao de seguranca\n- Testar kill switches e rollback procedures\n\n**Trimestral (2 horas):**\n- Rotacao de TODAS as credenciais criticas\n- Revisao de arquitetura de seguranca\n- Pen test basico (varredura completa)\n- Atualizacao de playbooks por provedor\n- Treinamento da equipe (se aplicavel)\n\n#### 5.3 Anti-Regressao (Pre-commit + CI)\n\n**Pre-commit hook (.pre-commit-config.yaml):**\n```yaml\nrepos:\n  - repo: local\n    hooks:\n      - id: secret-scan\n        name: Secret Scanner\n        entry: python scripts/secret_scanner.py\n        language: python\n        types: [text]\n        stages: [commit]\n```\n\n**CI Check (GitHub Actions):**\n```yaml\nname: Secret Scan\non: [pull_request]\njobs:\n  scan:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/\n\n## 4.1 Openai\n\n**Risco tipico:** Chave vazada → consumo/custo descontrolado → milhares de dolares em horas.\n\n**Hardening:**\n- Chave SO no servidor (VPS) — nunca no front\n- Criar chaves por projeto/ambiente (nunca uma chave unica para tudo)\n- Usar Organization API keys (nao pessoais) quando possivel\n- Proxy com: rate limit por IP/usuario, limites por modelo (gpt-4 mais caro), logs de consumo, kill switch\n- Configurar usage limits no dashboard da OpenAI\n- Monitorar usage API: `GET /v1/usage` ou dashboard\n\n**Checklist OpenAI:**\n```\n[ ] Nenhuma chave no front-end\n[ ] Chaves separadas por ambiente (dev/prod)\n[ ] Usage limits configurados no dashboard\n[ ] Proxy server-side com rate limiting\n[ ] Monitoramento de custo/uso ativo\n[ ] Rotacao a cada 90 dias\n[ ] Alertas de anomalia de consumo\n```\n\n## 4.2 Google Cloud (Gcp)\n\n**Risco tipico:** Service account key JSON vazada = acesso total a recursos cloud.\n\n**Hardening:**\n- Usar Secret Manager para armazenar credenciais\n- EVITAR service account keys long-lived — preferir Workload Identity Federation\n- Aplicar least privilege (IAM minimo — usar IAM Recommender)\n- Remover permissoes nao usadas\n- Rotacionar e expirar chaves de service account\n- Configurar budget alerts + billing anomaly detection\n- Manter contatos essenciais atualizados\n- Ativar VPC Service Controls quando aplicavel\n\n**Checklist GCP:**\n```\n[ ] Nenhum JSON de service account no repo\n[ ] Workload Identity Federation quando possivel\n[ ] IAM minimo (usar Recommender)\n[ ] Chaves dormantes deletadas\n[ ] Budget alerts configurados\n[ ] Secret Manager em uso\n[ ] Audit logs ativados\n```\n\n## 4.3 Meta (Whatsapp / Facebook / Instagram)\n\n**Risco tipico:** App Secret/token vazado + webhooks mal validados = controle da integracao.\n\n**Hardening:**\n- App Secret e tokens SO no backend\n- Webhooks com validacao de assinatura (HMAC-SHA256) — OBRIGATORIO\n- Revisar permissoes/roles no Business Manager — principio do menor privilegio\n- Tokens separados por ambiente\n- Rotacionar tokens e revisar apps ativos periodicamente\n- Limitar callbacks/dominios permitidos no app settings\n- System User tokens para automacoes (nao tokens pessoais)\n\n**Checklist Meta:**\n```\n[ ] App Secret/tokens fora do client-side\n[ ] Webhook com validacao HMAC-SHA256\n[ ] Permissoes minimas no Business Manager\n[ ] System User tokens (nao pessoais)\n[ ] Dominios de callback restritos\n[ ] Tokens por ambiente\n[ ] Revisao trimestral de apps ativos\n```\n\n## 4.4 Telegram (Bots)\n\n**Risco tipico:** Token do bot vazou = controle total do bot (ler mensagens, enviar spam).\n\n**Hardening:**\n- Token do bot SO no backend\n- Webhook com secret_token e validacao\n- Rate limiting e anti-spam\n- Logs SEM expor update completo (pode conter dados sensiveis de usuarios)\n- Usar webhook (nao polling) em producao\n- Definir allowed_updates para receber so o necessario\n\n**Checklist Telegram:**\n```\n[ ] Token so server-side\n[ ] Webhook com secret_token\n[ ] Validacao de IP (Telegram IPs: 149.154.160.0/20, 91.108.4.0/22)\n[ ] Rate limiting ativo\n[ ] Allowed_updates configurado (minimo necessario)\n[ ] Logs redacted\n```\n\n## 4.5 Aws\n\n**Risco tipico:** AWS_ACCESS_KEY_ID + SECRET vazados = acesso ilimitado a cloud.\n\n**Hardening:**\n- NUNCA usar root account keys\n- IAM roles > IAM users > long-lived keys\n- MFA obrigatorio em todas as contas\n- SCP (Service Control Policies) para limitar blast radius\n- CloudTrail ativado para auditoria\n- GuardDuty para deteccao de anomalias\n- Rotacao automatica via Secrets Manager\n\n**Checklist AWS:**\n```\n[ ] Zero root account keys\n[ ] IAM roles preferenciais\n[ ] MFA em todas as contas\n[ ] CloudTrail ativado\n[ ] Secrets Manager em uso\n[ ] Budget alerts configurados\n```\n\n## 4.6 Stripe / Pagamentos\n\n**Risco tipico:** sk_live_ vazada = capacidade de criar charges, refunds, acessar dados de clientes.\n\n**Hardening:**\n- Restricted keys com permissoes minimas\n- Webhook signing secret validado em TODA request\n- Modo teste (sk_test_) para dev — NUNCA sk_live_ em dev\n- IP restriction quando possivel\n- Logs de auditoria do Stripe dashboard\n\n**Checklist Stripe:**\n```\n[ ] sk_live_ so em producao, so server-side\n[ ] Restricted keys com escopo minimo\n[ ] Webhook signature validation\n[ ] IP restriction ativa\n[ ] Logs de auditoria revisados\n```\n\n---\n\n## /Audit (Audit_All)\n\nExecutar descoberta completa e gerar relatorio:\n1. Rodar TODAS as varreduras da Fase 1\n2. Classificar cada achado (Fase 2)\n3. Gerar relatorio com sumario executivo + inventario + acoes\n\n## /Lockdown (Lockdown_All)\n\nAplicar hardening e anti-regressao em todo o ecossistema:\n1. Verificar cada credencial contra checklist do provedor\n2. Aplicar restricoes faltantes\n3. Instalar pre-commit hooks\n4. Configurar CI checks\n5. Gerar relatorio de hardening\n\n## /Rotate (Rotate_All)\n\nPlano e execucao guiada de rotacao:\n1. Listar todas credenciais com rotacao vencida ou proxima\n2. Gerar plano de rotacao (ordem, dependencias, rollback)\n3. Guiar execucao passo-a-passo (sem tocar em segredos diretamente)\n4. Atualizar registry\n\n## /Incident (Incident_Mode)\n\nResposta imediata a vazamento/abuso:\n1. **CONTER** — Revogar chave/token, desativar webhooks, travar proxy (kill switch)\n2. **ERRADICAR** — Remover do codigo, reescrever historico git, scan amplo\n3. **RECUPERAR** — Gerar novas credenciais com escopo minimo, reimplantar\n4. **APRENDER** — Adicionar regra anti-regressao, post-mortem, atualizar playbook\n\n## /Govern (Set_Governance)\n\nCriar/atualizar registry + politicas + rotinas:\n1. Criar/atualizar secret registry JSON\n2. Definir politicas por criticidade\n3. Agendar rotinas (semanal/mensal/trimestral)\n4. Configurar alertas e dashboards\n\n## /Status\n\nVisao rapida da saude de seguranca:\n1. Total de credenciais no registry\n2. Quantas expiram em < 30 dias\n3. Quantas sem restricao adequada\n4. Ultimo audit e proximo agendado\n5. Incidentes abertos\n\n---\n\n## 6. Formato De Entrega (Sempre)\n\nToda resposta de auditoria/acao segue esta estrutura:\n\n```\nA) SUMARIO EXECUTIVO\n   - Top riscos (P0/P1) com acao imediata\n   - Score geral de seguranca (0-100)\n   - Tendencia (melhorando/estavel/piorando)\n\nB) INVENTARIO DE CREDENCIAIS\n   - Tipos encontrados\n   - Locais de armazenamento\n   - Criticidade por item\n\nC) PLANO DE CORRECAO (por prioridade)\n   - P0: acao AGORA\n   - P1: acao em 24h\n   - P2: acao em 1 semana\n   - P3: acao em 1 mes\n\nD) PLAYBOOKS POR PROVEDOR\n   - Checklist especifico\n   - Comandos/passos exatos\n\nE) AUTOMACAO\n   - Scripts de varredura\n   - Pre-commit hooks\n   - CI checks\n   - Rotina semanal/mensal\n\nF) SECRET REGISTRY\n   - JSON atualizado\n   - Politica de governanca\n```\n\n---\n\n## 7.1 Severidade E Tempo De Resposta\n\n| Severidade | Descricao | SLA | Quem |\n|-----------|-----------|-----|------|\n| SEV-1 | Chave admin/root vazada publicamente | < 15 min | Toda equipe |\n| SEV-2 | Token de producao exposto em repo privado | < 1 hora | Dev + Ops |\n| SEV-3 | Chave de dev exposta, permissoes limitadas | < 4 horas | Dev responsavel |\n| SEV-4 | Potencial exposicao, nao confirmada | < 24 horas | Dev responsavel |\n\n## 7.2 Protocolo De 4 Passos\n\n**1. CONTER (imediato)**\n```bash\n\n## Bloquear Ip/Origem Suspeita\n\n```\n\n**2. ERRADICAR (< 1 hora)**\n```bash\n\n## Verificar Se Nao Ha Copias Em Backups/Forks/Mirrors\n\n```\n\n**3. RECUPERAR (< 4 horas)**\n```bash\n\n## Atualizar Registry\n\n```\n\n**4. APRENDER (< 48 horas)**\n```bash\n\n## Verificar Custos/Cobranças Anomalos Nos Provedores\n\n```\n\n---\n\n## 8.1 Scanner De Segredos (Python)\n\nLocalizado em: `scripts/secret_scanner.py`\n- Varredura de arquivos com 30+ padroes regex\n- Deteccao por provedor (OpenAI, GCP, AWS, Meta, Telegram, Stripe, etc.)\n- Modo CI (--ci) com exit code nao-zero se encontrar\n- Modo pre-commit (--staged) para verificar so arquivos staged\n- Saida JSON ou texto\n\n## 8.2 Registry Manager\n\nLocalizado em: `scripts/registry_manager.py`\n- CRUD de entries no secret registry\n- Alertas de expiracao\n- Status report\n- Export CSV para auditoria\n\n## 8.3 Pre-Commit Hook\n\nLocalizado em: `scripts/pre_commit_hook.sh`\n- Wrapper para secret_scanner.py em modo staged\n- Bloqueia commit se encontrar segredo\n- Mensagem clara de como resolver\n\n## 8.4 Audit Report Generator\n\nLocalizado em: `scripts/audit_report.py`\n- Executa todas as varreduras\n- Gera relatorio formatado (markdown)\n- Inclui score de seguranca\n- Sugestoes por provedor\n\n---\n\n## 9.1 Estrutura De Diretorios\n\n```\n/opt/\n  /api-gateway/        # Proxy server-side\n  /secrets/            # Referencias (NUNCA segredos em arquivo!)\n  /audit/              # Scripts de varredura + relatorios\n  /logs/               # Logs com redaction\n\n/home/<user>/\n  /apps/               # Seus projetos\n  /.env.production     # Segredos (chmod 600)\n\n/etc/\n  /systemd/system/     # Services para proxy e apps\n```\n\n## 9.2 Padrao De Seguranca Na Vps\n\n```\n1. Firewall (ufw/iptables):\n   - Permitir: 80, 443, 22 (com fail2ban)\n   - Bloquear todo o resto\n\n2. SSH:\n   - Desabilitar login por senha\n   - Usar chaves SSH apenas\n   - fail2ban ativo\n\n3. Segredos:\n   - .env com chmod 600, owner root\n   - Ou usar Docker secrets / environment\n   - NUNCA em arquivos acessiveis pela web\n\n4. Proxy:\n   - Rate limit por rota\n   - Auth JWT/session obrigatorio\n   - Logs sem segredos\n   - Kill switch (desligar proxy rapidamente)\n\n5. Monitoramento:\n   - Alertas de custo por provedor\n   - Alertas de uso anomalo\n   - Health checks automaticos\n```\n\n---\n\n## 10.1 Comportamento Transversal\n\nEsta skill opera de forma TRANSVERSAL — mesmo quando outras skills estao ativas:\n\n- Se durante QUALQUER tarefa detectar uma chave exposta em codigo → alertar imediatamente\n- Se um usuario pedir para \"colocar a chave no config.js\" → explicar o risco e oferecer alternativa segura\n- Se detectar .env sendo commitado → bloquear e orientar .gitignore\n- Se ver hardcoded credentials → sugerir refatoracao para env vars\n\n## 10.2 Sinais De Alerta Automaticos\n\nMonitore estes sinais durante QUALQUER operacao:\n- Strings que parecem chaves/tokens em codigo\n- Arquivos .env sendo criados sem .gitignore correspondente\n- Docker commands que copiam .env para dentro da image\n- CI/CD configs que echo ${{ secrets.* }}\n- Front-end code que referencia API keys diretamente\n\n---\n\n## Score De Seguranca (0-100)\n\n| Dimensao | Peso | Criterio |\n|----------|------|----------|\n| Exposicao Zero | 25% | Nenhum segredo em repo/front/logs |\n| Least Privilege | 20% | Todas credenciais com escopo minimo |\n| Rotacao | 15% | Todas dentro da politica de rotacao |\n| Restricoes | 15% | IP/dominio/escopo aplicados |\n| Monitoramento | 10% | Alertas de custo/anomalia ativos |\n| Governanca | 10% | Registry completo e atualizado |\n| Anti-regressao | 5% | Pre-commit + CI ativos |\n\n## Formula\n\n```\nScore = SUM(dimensao_peso * dimensao_score)\nonde dimensao_score = (itens_ok / itens_total) * 100\n```\n\n---\n\n## Skills Complementares\n\n| Skill | Integracao |\n|-------|-----------|\n| **007** | Threat modeling + Red Team — cred-omega cuida de segredos, 007 de arquitetura |\n| **instagram** | Protecao de Meta tokens, Graph API secrets |\n| **whatsapp-cloud-api** | Protecao de WABA tokens, webhook secrets |\n| **telegram** | Protecao de bot tokens |\n| **ai-studio-image** | Protecao de Google API keys |\n| **stability-ai** | Protecao de Stability API keys |\n| **context-agent** | Persistir estado de auditoria entre sessoes |\n| **skill-sentinel** | Auditar seguranca das proprias skills |\n\n## Quando Outra Skill Deve Chamar Cred-Omega\n\nQualquer skill que lide com APIs externas deve consultar cred-omega para:\n1. Validar que credenciais estao armazenadas de forma segura\n2. Verificar restricoes adequadas\n3. Confirmar presenca no registry\n4. Verificar rotacao em dia\n\n## Best Practices\n\n- Provide clear, specific context about your project and requirements\n- Review all suggestions before applying them to production code\n- Combine with other complementary skills for comprehensive analysis\n\n## Common Pitfalls\n\n- Using this skill for tasks outside its domain expertise\n- Applying recommendations without understanding your specific context\n- Not providing enough project context for accurate analysis\n\n## Related Skills\n\n- `007` - Complementary skill for enhanced analysis\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["cred","omega","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows"],"capabilities":["skill","source-sickn33","skill-cred-omega","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/cred-omega","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34831 github stars · SKILL.md body (27,473 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-24T06:50:59.337Z","embedding":null,"createdAt":"2026-04-18T21:35:23.821Z","updatedAt":"2026-04-24T06:50:59.337Z","lastSeenAt":"2026-04-24T06:50:59.337Z","tsv":"'-01':1848,1859,1884 '-03':1808,1809,1883 '-04':1853 '-1':2912 '-100':2834,3349 '-15':1849,1854,1860 '-2':2922 '-20':1110,1123,1136,1151,1164,1204 '-3':2935 '-4':1833,2077,2947 '-50':1093,1187 '-9':998 '-90':1658 '/.env.production':3144 '/20':2420 '/22':2422 '/api-gateway':3120 '/apps':3141 '/audit':2589,3131 '/dev/null':901,1108,1121,1134,1149,1162,1185,1202,1223,1277,1284,1300 '/etc':3148 '/govern':2749 '/home':3140 '/incident':2701 '/lockdown':2620 '/logs':3136 '/opt':3119 '/opt/api-gateway':1765 '/rotate':2660 '/secrets':3125 '/src':1766 '/status':2775 '/systemd/system':3149 '/v1/usage':2096 '0':702,715,997,2833,3348 '00':1811 '007':3420,3431,3591 '00z':1812 '1':175,781,1331,1364,1381,1407,1416,1430,1441,1453,1540,1915,2598,2605,2633,2669,2708,2756,2782,2865,2870,2930,2961,2970,3161,3512 '1.0':1804 '1.1':170 '1.2':283 '1.3':372 '10':1000,1038,1045,1397,1410,1422,1435,3381,3387 '10.1':3236 '10.2':3298 '100':3415 '100/min':1871 '149.154.160.0':2419 '15':1891,2917,3369,3377 '16':950 '1a':785 '1b':842 '1c':902 '1d':1073 '1e':1188 '1f':1224 '1g':1258 '2':200,900,1107,1120,1133,1148,1161,1184,1201,1222,1276,1283,1299,1302,1439,1462,1585,1943,2606,2611,2641,2678,2718,2761,2788,2968,3174,3521 '2.0':254 '2.1':431 '2.2':566 '20':918,968,3362 '2026':1807,1847,1852,1858,1882 '203.0.113.10':1868 '22':3167 '24':1348,2952 '24h':2861 '25':3355 '3':227,1443,1470,1617,2612,2645,2686,2728,2766,2794,2980,3186,3525 '30':1657,1901,1924,2792,3010 '35':935,1006 '36':1022 '4':245,1405,1414,1428,1482,1529,1648,2651,2698,2737,2770,2799,2942,2959,2982,2987,3205,3530 '4.1':1533,2027 '4.2':1723,2138 '4.3':2238 '4.4':2342 '4.5':2433 '4.6':2512 '40':1065 '443':3166 '48':2989 '5':172,266,1437,1493,1676,1784,2655,2805,3222,3395 '5.1':1787 '5.2':1886 '5.3':1971 '50':986 '500':1875 '6':1702,2808 '600':3147,3191 '7':1401,1412,1426 '7.1':2901 '7.2':2956 '8':856,999 '8.1':2998 '8.2':3048 '8.3':3069 '8.4':3093 '80':3165 '9':917,934,949,967,985,1005,1021,1037,1044,1064 '9.1':3115 '9.2':3155 '90':1864,2131 '91.108.4.0':2421 'a-z0':946 'a-za-z0':913,930,963,981,1001,1017,1033,1040,1060 'aberto':2807 'abuso':1695 'acao':709,1315,1445,2827,2856,2859,2863,2868 'access':559,2438 'access/refresh':459 'account':47,468,828,877,2145,2163,2190,2213,2451,2493 'accur':3587 'acessar':2525 'acessivei':3202 'acesso':371,415,721,768,2149,2443 'achado':1308,2609 'acident':650 'aco':2619 'action':634,742,1264,2008,2026 'activ':1879 'adequada':2798,3524 'adicionar':1360,2739 'admin':1409 'admin/root':2914 'administra':770 'ae':534 'agendado':2804 'agendar':1362,2767 'agent':131,3476 'aggreg':671 'agora':1328,2857 'ai':3458,3468 'ai-studio-imag':3457 'aiza':447,926,929,1114 'akia':942,945,1127 'alert':2193,2229,2510 'alerta':777,1680,1911,2133,2772,3060,3224,3229,3301,3382 'alertar':3261 'algum':776 'allow':2396,2426 'allowlist':1623,1867 'alta':466,482,513,554,791,799 'alternativa':422,3278 'alto':1334 'ambient':244,346,705,772,1227,1548,1588,1748,2110,2283,2336 'ambiente/usuario':1782 'amplo':2727 'analysi':3562,3588,3596 'anomali':2195 'anomalia':277,2135,2483 'anomalo':2995,3232 'ant':706 'anterior':1172 'anti':1973,2376,2627,2742,3393 'anti-regressao':1972,2626,2741,3392 'anti-spam':2375 'antiga':1481 'antigo':187 'ao':143,1557 'apagar':605 'aparec':1553 'apena':318,3183 'api':21,42,64,337,441,520,749,808,816,1254,1538,1565,1609,1613,1752,1823,2061,2094,3342,3440,3445,3464,3472,3504 'apis/scopes':1631 'aplicado':3379 'aplicar':357,2172,2623,2642 'aplicavel':1970,2206 'apm':662 'apo':604 'app':514,517,1837,2245,2255,2288,2295,2307,2340,3154 'appli':3550,3574 'appsettings.json':583 'aprend':2738,2988 'armazenada':3517 'armazenamento':2845 'armazenar':2159 'arquitetura':1724,1953,3433 'arquivo':843,849,1527,3008,3042,3130,3201,3315 'artifact':199 'ask':3630 'assinatura':489,2266 'assist':86,118 'atacant':379 'ataqu':571 'ativa':2584,3250 'ativado':2237,2476,2504 'ativar':2201 'ativo':2127,2289,2341,2425,3185,3385,3400 'atribuir':1377 'atual':758 'atualizacao':1961 'atualizado':2200,2897,3391 'atualizar':1472,1932,2699,2747,2985 'audit':1806,2235,2590,2801,3094 'auditar':3486 'auditoria':66,273,1687,1917,2478,2559,2587,3068,3480 'auditoria/acao':2816 'autenticacao':247,1735 'auth':1645,1711,3211 'auth.js':1771 'author':813 'automacao':2881 'automaco':2301 'automatica':2485 'automaticament':1696 'automatico':3235,3302 'aw':58,472,558,941,2434,2437,2490,3018 'azur':59,562 'b':2837 'backend':1829,2261,2365 'backend-team':1828 'backup':76,191,695 'backups/forks/mirrors':2979 'baixo':1367 'base':440 'bash':793,847,907,1081,1192,1231,1262,1501,2964,2972,2984,2991 'basico':1958 'bearer':461,812 'begin':822,825,1140 'best':1373,3535 'bfg':1502 'bfg.jar':1514 'bicho':1079 'bill':2194 'blast':229,419,1391,1417,1927,2473 'bloquear':2965,3170,3285 'bloqueia':3083 'bot':505,508,511,993,2344,2349,2354,2362,3455 'boundari':3638 'branch':1511 'browser/mobile':332,1547 'budget':1872,2192,2228,2509 'bugsnag':656 'build':198,620,625 'bundl':1628 'buscar':1082 'busi':2274,2323 'c':2849 'cada':1307,1930,2130,2608,2635 'cai':1605 'calendar':1671 'callback':2332 'callbacks/dominios':2292 'camada':1707,1718 'caminho':428 'capacidad':2520 'capi':526 'capturando':668 'caro':2079 'categoria':437 'cenario':393,596 'chama':1571,1576 'chamar':3495 'charg':2523 'chat':297,1834 'chave':262,303,335,389,689,1354,1368,1541,1552,1593,1653,1662,1755,1894,1898,2031,2041,2050,2055,2102,2107,2187,2225,2913,2936,3181,3257,3270 'chave/token':1457,2711 'chaves/tokens':295,3312 'checar':1205,1265,1285,1910 'check':130,2006,2654,2890,3234 'checklist':713,2099,2207,2305,2403,2489,2563,2638,2876 'chmod':3146,3190 'ci':637,745,1292,1342,1978,2005,2653,2889,3024,3025,3399 'ci/cd':72,188,546,631,740,1259,3331 'ciso':4,25 'clara':3089 'clarif':3632 'classico':844 'classifica':36 'classificacao':1303 'classificar':1309,2607 'cleaner':1505 'clear':3538,3605 'client':330,454,456,563,818,2312,2528 'client-sid':329,2311 'cliente/browser':1730 'cloud':55,555,925,2140,2153,2446,3444 'cloudtrail':2475,2503 'cloudwatch':673 'cobertura':800 'code':611,3028,3339,3554 'codigo':68,184,572,593,788,2722,3260,3314 'codigo-font':592 'colado':686 'colar':294,301 'colocar':3268 'com':162,613,629,657,684,688,1467,1490,1579,1592,2068,2121,2263,2315,2367,2411,2532,2576,2615,2673,2733,2826,3009,3026,3138,3168,3189,3365,3503 'comandos/passos':2878 'combin':3555 'command':3323 'commit':186,1087,1977,1981,2004,2649,2887,3037,3072,3084,3398 'commitado':3284 'common':3563 'como':307,377,382,3091 'compartilhada':690 'complementar':3417 'complementari':3558,3592 'complet':1835 'completa':436,1918,1960,2594 'completo':2382,3389 'complianc':281 'comportamento':3237 'compos':738,1208,1220 'comprehens':3561 'config':574,3332 'config.js':579,3272 'config.ts':580 'configurado':2114,2230,2428,2511 'configurar':2085,2191,2652,2771 'confirmada':2951 'confirmado':1320 'confirmar':1484,3526 'confluenc':693 'conform':1660 'connect':501 'console.log':649 'consolidado':1700 'consultar':3507 'consumo':2082,2137 'consumo/custo':2033 'conta':1596,2466,2502 'contain':71,189,1191 'containerizacao':735 'contato':2198 'contem':355,852 'contencao':1444 'contendo':641,660 'conter':334,2384,2709,2962 'context':3475,3540,3580,3585 'context-ag':3474 'continua':152,1786 'continuo':282 'contra':2637 'control':2204,2251,2351,2469 'conversion/pixel':523 'cooki':540,541 'copia':2977 'copiado':1290 'copiam':3325 'correcao':2852 'correspondent':3321 'cortar':1694 'creat':1845 'cred':2,15,101,3426,3497,3509 'cred-omega':1,14,3425,3496,3508 'credenci':157,1466,1480,1492,1931,2636 'credenciai':11,32,49,136,434,771,1800,1949,2160,2672,2732,2785,2840,3364,3515 'credenti':474,500,834,881,1253,3292 'criado':3318 'criar':150,1639,2049,2522 'criar/atualizar':2752,2757 'criptografado':697 'criteria':3641 'criterio':1314,3352 'critic':1876 'critica':451,458,475,490,498,504,522,538,565,1950 'criticidad':398,439,1385,1386,1661,2765,2846 'critico':1318 'crud':3054 'csv':3066 'cuida':3428 'curta':251 'custo':1699,3226 'custo/anomalia':1913,3384 'custo/uso':779,2126 'custos/cobran':2993 'd':1180,2872 'da':410,1967,2090,2252,2603,2778,3329,3372 'dado':1792,2385,2526 'das':3488 'dashboard':1697,2089,2098,2116,2562,2774 'data':1667 'datadog':665 'day':1863 'db':499 'de':10,31,67,133,135,156,194,236,250,276,285,336,351,374,429,433,542,570,617,707,778,787,790,798,845,1170,1226,1234,1304,1384,1681,1686,1698,1725,1761,1791,1797,1888,1912,1929,1934,1946,1952,1954,1962,2036,2081,2125,2134,2136,2188,2211,2265,2331,2339,2387,2415,2482,2521,2527,2558,2586,2658,2667,2681,2780,2784,2810,2815,2831,2839,2844,2851,2883,2899,2905,2924,2937,2958,3000,3007,3055,3061,3090,3110,3117,3133,3157,3225,3230,3242,3300,3346,3374,3383,3429,3432,3436,3447,3454,3462,3470,3479,3518 'defend':381 'defens':1703 'defin':396,407,417,426 'definida':1656 'definir':2395,2762 'deletada':2227 'dentro':3328,3371 'dependencia':628,2684 'deploy':552,622 'depth':1705 'desabilitar':3176 'desativar':2712 'descoberta':782,2593 'descobr':35 'descobrir':176 'descontrolado':2034 'describ':3609 'descricao':2908 'desencorajar':261 'desligar':3219 'deteccao':275,1394,1432,2481,3013 'detect':2196 'detectar':403,3255,3281 'dev':1429,1589,1601,1611,2547,2552,2932,2938,2944,2954 'dev/prod':2111 'dev/stage/prod':773 'deve':316,342,3494,3506 'dia':1659,1902,1925,2132,2793,3534 'diario':1438 'diferent':1594,1597 'diff':1165,1178 'diff-filt':1177 'dimensao':3350,3404,3406,3409 'diretament':2697,3344 'diretorio':3118 'discord':510 'dist':623 'docker':196,638,736,737,1189,1196,1207,1219,3196,3322 'docker-compos':1206,1218 'docker-compose.yml':584 'dockerfil':585 'documentacao':691,1933 'documentar':1376 'dolar':2037 'domain':89,120,3572 'dominio':2330 'dominio/referrer':1626 'dono':1371,1378,1664 'dormant':1369,2226 'duracao':252 'durant':3252,3306 'e':12,33,38,48,62,75,126,147,167,312,323,349,573,598,621,647,663,675,678,1190,1260,1449,1595,1619,1650,1665,1939,2185,2257,2286,2370,2374,2595,2625,2664,2773,2802,2880,2903,3153,3276,3286,3390 'eaa':980 'echo':1273,3334 'ecossistema':2632 'eliminar':201 'elk':672 'em':50,158,165,205,209,215,219,224,319,326,359,591,651,1084,1322,1336,1473,1581,2038,2233,2393,2463,2499,2507,2539,2551,2568,2629,2695,2791,2860,2864,2869,2927,2978,3004,3052,3075,3080,3098,3129,3200,3259,3313,3358,3533 'encontrado':2842 'encontrar':177,848,3033,3086 'encrypt':532 'end':212,1546,2106,3338 'endpoint':1573 'engano':305 'engin':18 'enhanc':3595 'enough':3583 'entend':710 'enterpris':6,23,27 'entr':3481 'entrega':2811 'entregu':1556 'entri':1996,3056 'entropi':1054 'env':185,575,759,860,863,1181,1239,1280,1287,1295,1843,3188,3282,3296,3316,3326 'env.development':578 'env.local':576 'env.production':577 'enviar':2357 'environ':1825,3198,3621 'environment-specif':3620 'equip':764,1968,2920 'era':1560 'erradicar':2719,2969 'error':225,653 'escopo':233,1468,1620,2577,2734,3366 'especifico':904,1095,2877 'essa':388,394 'essenciai':2199 'est':3304 'esta':1288,1311,2818,3239 'estado':3478 'estao':179,1268,3249,3516 'estar':182 'estrutura':1760,2819,3116 'etc':734,755,3022 'eu':386 'evitar':2161 'exato':2879 'exceco':339 'excedent':1908 'excessiva':1353 'execucao':163,2665,2688 'executa':3100 'executar':1451,2592 'executivo':2617,2822 'exemplo':438 'exist':421 'existir':317 'exit':3027 'expert':3626 'expertis':121,3573 'expir':1850 'expiracao':1651,3062 'expiraco':1922 'expiram':2790 'expirar':148,2186 'explicar':3273 'expor':1229,2380 'export':3065 'exposicao':202,1387,1395,1679,2949,3353 'exposta':2939,3258 'exposto':1321,2926 'express/fastify':1768 'externa':3505 'externo':747 'eyj':1029,1032,1039 'f':858,2893 'facebook':1246,2241 'fail2ban':3169,3184 'falha':1719 'faltando':1375 'faltant':2644 'fase':701,714,780,1301,1442,1528,1783,2604,2610 'feder':255,2171,2218 'file':645 'filter':1179,1510,1523 'filter-branch':1509 'filter-repo':1522 'finalidad':345 'find':854 'firebase.json':582 'firewal':3162 'font':594 'fora':2309 'fork':615 'forma':3243,3519 'format':1198 'formatado':3106 'formato':2809 'formula':1383,3401 'front':211,1545,1570,2048,2105,3337 'front-end':210,1544,2104,3336 'funcionar':1489 'futura':65 'ga':528 'gateway/proxy':1566 'gcp':470,754,1243,2141,2208,3017 'general':116 'general-purpos':115 'generat':3096 'generic':1051 'gera':3104 'geral':2830 'gerar':1464,2596,2613,2656,2679,2730 'gestao':8,29 'get':2095 'ghp':1016 'git':69,221,602,606,839,923,940,955,973,991,1011,1027,1050,1072,1076,1088,1098,1102,1111,1115,1124,1128,1137,1143,1152,1156,1173,1340,1498,1521,2725 'github':548,633,741,1012,1263,1275,1282,2007 'github/gitlab/bitbucket':724 'github/workflows':1296 'gitignor':3288,3320 'gitlab':550,636,744 'gitlab-ci.yml':1298 'glob':835,838,840,919,922,936,939,951,954,969,972,987,990,1007,1010,1023,1026,1046,1049,1066,1068,1071 'go':732 'googl':54,446,924,1244,2139,3463 'govern':2751 'governa':39 'governanca':151,268,411,1785,1889,2900,3386 'gpt':1832,2076 'graph':3439 'grep':1099,1112,1125,1138,1153 'guardduti':2479 'guiada':2666 'guiar':2687 'ha':2976 'handl':109 'hardcod':590,3291 'harden':1530,2040,2154,2254,2359,2447,2529,2624,2659 'head':1092,1109,1122,1135,1150,1163,1186,1203 'header':669 'health':3233 'helm':588 'hidden':803 'high':1053 'high-entropi':1052 'histori':70 'historico':220,597,600,1074,1097,1339,1347,1497,2724 'hmac':480,2268,2318 'hmac-sha256':2267,2317 'hook':1982,1988,2650,2888,3073 'hora':1332,1349,1916,1944,2039,2931,2943,2953,2971,2983,2990 'hostil':1549 'hostinger/aws/gcp/etc':719 'humano':674 'iam':473,2175,2178,2221,2453,2455,2495 'id':455,496,561,888,1629,1815,1989,2440 'ident':258,2170,2217 'identificado':1372 'ignor':806 'ilimitado':2444 'imag':197,639,1194,1197,3330,3460 'imediata':311,1446,2705,2828 'imediatament':1452,3262 'imediato':2963 'implantar':267 'impor':145 'inativa':1906 'incid':2702 'incident':280,308,2806 'inclui':3108 'inegociavei':174 'infraestrutura':716 'injetada':1756 'injetado':325 'inlin':1211 'input':3635 'instagram':2242,3434 'instalar':2646 'integracao':2253,3419 'interna':692 'invalidar':1455 'inventario':269,2618,2838 'investigar':1903 'ip':1622,1712,1866,2416,2418,2553,2582 'ip/dominio/escopo':3378 'ip/origem':2966 'ip/referrer/dominio/app':238 'ip/usuario':2072 'isso':406,416,425 'item':2848 'iten':3411,3413 'ja':1559 'jar':1513 'java':733,1512 'jenkin':635,743 'jenkinsfil':1297 'jira':682 'job':2016 'js':1555 'json':471,878,882,1801,2147,2210,2760,2896,3045 'junto':1606 'jwt':463,483,1028 'jwt/session':1738,1772,3212 'k8s':586 'key':22,43,442,469,481,485,487,492,495,533,535,537,553,557,560,809,817,821,824,872,1142,1183,1217,1251,1610,1614,1824,2062,2146,2164,2439,2452,2460,2494,2531,2575,3343,3465,3473 'keystor':892 'kill':1749,1937,2083,2716,3217 'kubernet':739 'languag':1999 'last':1805,1855,1880 'latest':2023 'layer':640 'least':231,2173,3360 'ler':2355 'leva':401 'lide':3502 'limit':241,1644,1710,1740,1776,1870,2070,2073,2087,2113,2123,2373,2424,3208,3597 'limitada':2941 'limitar':2291,2472 'limpar':1346,1494 'linear':683 'linguagem':728 'list':1105,1118,1131,1146,1159 'listar':1193,1232,2670 'live':265,450,958,962,2167,2459,2518,2550,2566 'lixo':1668 'locai':169,1195,1476,2843 'local':1987 'localizado':3003,3051,3074,3097 'locat':1840 'lock':841,1067 'lockdown':2621 'log':74,190,216,353,607,632,670,1089,1174,1343,1685,1743,2080,2236,2378,2431,2557,2585,3137,3214 'logado':1270 'login':3177 'long':264,2166,2458 'long-liv':263,2165,2457 'longo':976 'mai':413,423,1506,2078 'main':1819 'mal':2249 'manag':260,757,762,2157,2232,2275,2324,2488,2506,3050 'manager/vault/env':321 'manter':1793,2197 'mapear':704 'markdown':3107 'master':536 'match':3606 'matriz':1312 'maxdepth':855 'measur':529 'media':531,545 'medio':1351 'melhorando/estavel/piorando':2836 'melhoria':1380 'menor':364,2278 'mensagem':3088 'mensagen':2356 'mensal':1914 'mentalidad':373 'mes':1382,2871 'mesmo':603,3245 'messag':226 'meta':516,525,752,1245,2239,2306,3019,3437 'meta/facebook':974 'meta/whatsapp/facebook/instagram':56 'mfa':2461,2498 'middlewar':1770 'milhar':2035 'min':1892,2918 'minim':1415 'minima':2321,2534 'minimo':144,234,1469,1621,1633,2176,2222,2429,2578,2735,3367 'miss':3643 'missao':138 'misso':173 'mobil':1630 'mode':2703 'model':3422 'modelo':1790,2075 'modernizacao':430 'modernizar':246 'modo':2542,3023,3034,3081 'modul':627,837,921,938,953,971,989,1009,1025,1048,1070 'monitor':1715,3303 'monitoramento':775,1434,2124,3223,3380 'monitorar':2092 'month':1873 'mortem':2746 'multi':1400 'multipla':1706 'n':802,911,928,944,960,979,996,1015,1031,1059,1100,1113,1126,1139,1154,1213,1294 'na':1567,1763,3159 'name':859,862,865,868,871,874,880,884,887,891,894,897,1993,2010 'nao':367,369,696,1604,1637,1896,2063,2182,2302,2328,2391,2950,2975,3030 'nao-zero':3029 'necessario':1500,1634,2402,2430 'need':84,114 'nenhum':203,207,213,217,222,328,763,2209,3356 'nenhuma':2101 'new':666 'next':624 'nivel':1313 'no-ignor':804 'node':626,836,920,937,952,970,988,1008,1024,1047,1069 'node/ts':730 'nome':1233 'nomenclatura':1607 'nos':2996 'note':1885 'notificar':1330 'notion':694 'nova':1465,1491,1895,2731 'numerico':977 'nunca':287,289,354,1542,2046,2053,2448,2548,3127,3199 'o':127,292,299,391,404,418,427,711,861,864,867,870,873,879,883,886,890,893,896,1078,1569,1577,2401,2631,3172,3274 'oauth':253,452 'obrigatoria':272 'obrigatorio':1691,2270,2462,3213 'observabilidad':648,1677 'oferec':3277 'oidc':256 'ok':3412 'omega':3,16,102,3427,3498,3510 'ond':178,567,1077,3408 'onelin':1091 'op':2933 'openai':53,444,751,908,1242,1608,1612,1817,1821,2028,2091,2100,3016 'openai-prod-main':1816 'opera':3241 'operacao':3308 'operacion':5,26 'orcamento/anomalia':1682 'ordem':2683 'organ':2060 'orientar':309,3287 'origem':237 'os':160,720,1086,1475 'ou':180,726,1325,1341,1520,2097,2676,3046,3194 'ouro':286,1564 'output':3615 'outra':1721,3247,3492 'outsid':3570 'overview':24 'owner':344,1827,3192 'p':1176 'p0':1317,1448,2855 'p0/p1':2825 'p1':1333,1450,1877,2858 'p12':494,869 'p2':1350,2862 'p3':1366,2867 'padrao':1563,3156 'padrao-ouro':1562 'padro':789,796,903,1094,3011 'pagamento':2514 'painei':193 'painel':1459 'para':7,28,153,291,380,488,1306,1447,1525,1673,1693,1836,2057,2158,2300,2398,2471,2477,2480,2546,3039,3067,3078,3151,3267,3295,3327,3511 'parcial':1425 'parecem':3311 'passo':2690,2692,2960 'passo-a-passo':2689 'passwd':833 'password':503,831,1155,1214,1252 'passwords.txt':1518 'pasta':1762 'pat':549,1013 'peca':290 'pedir':3266 'pega':1080 'pela':3203 'pem':493,866,1182 'pen':1956 'pens':376 'pergunta':395 'perigoso':1669 'periodicament':2290 'permiss':3636 'permisso':142,1352,1907,2181,2320,2533,2940 'permissoes/roles':2272 'permitido':1632,2293 'permitir':3164 'persistir':3477 'peso':3351,3405 'pessoa':766 'pessoai':2064,2304,2329 'pfx':885 'pior':392,595 'pipelin':1261 'pitfal':3564 'planejar':1379 'plano':350,2663,2680,2850 'playbook':1963,2748,2873 'pode':333,2383 'poderiam':181 'polici':1862,2470 'politica':2754,2763,2898,3373 'poll':2392 'por':243,304,905,1209,1587,1683,1741,1747,1777,1781,1964,2051,2071,2074,2109,2282,2335,2764,2847,2853,2874,3014,3113,3178,3209,3227 'possivel':1056,1599,2066,2220,2556 'post':2745 'post-mortem':2744 'potenci':2948 'pra':402 'practic':1374,3536 'pratica':164 'pre':1976,1980,2648,2886,3036,3071,3397 'pre-commit':1975,1979,2647,2885,3035,3070,3396 'pre-commit-config.yaml':1983 'precisa':368 'precisao':792 'preferenciai':2497 'preferir':248,2168 'presenca':3527 'prevenir':139 'princip':729,795,1838 'principio':362,2276 'print':899 'prioridad':2854 'privado':619,727,1338,1399,1403,2929 'privado-multi':1398 'privado-solo':1402 'privat':486,820,823,1141 'privileg':232,2174,3361 'privilegiada':544 'privilegio':365,1389,1408,2279 'procedur':1941 'processo':676 'procurar':1893 'prod':1591,1603,1615,1818 'producao':652,1420,1424,2394,2569,2925 'producao-al':1419 'producao-parci':1423 'product':1826,3553 'produção':1326 'profission':384 'profunda':784,1532 'project':3543,3584 'projeto':3143 'projeto/ambiente':2052 'propria':3489 'protecao':1531,3435,3446,3453,3461,3469 'proteg':37 'protocolo':2957 'provedor':52,161,195,906,1461,1578,1636,1684,1754,1965,2640,2875,2997,3015,3114,3228 'provid':556,718,1820,3537,3582 'proxi':1642,1708,1726,1733,1769,2067,2117,2715,3121,3152,3206,3220 'proxima':1923,2677 'proximo':2803 'publicament':2916 'publico':616,725,1324,1396 'pull':609,2014 'purpos':117,1831 'python':731,1997,2000,3002 'quai':748 'qual':390 'qualquer':51,63,708,3253,3307,3499 'quando':1598,1624,2065,2205,2219,2555,3246,3491 'quanta':765,2789,2795 'quanto':399 'que':850,1166,1477,1485,1508,3310,3324,3333,3340,3501,3514 'quem':412,769,2910 'quota':239,1646,1714,1746,1780 'quota.js':1779 'radius':230,420,1392,1418,1928,2474 'rapida':2777 'rapidament':3221 'rate':240,1643,1709,1739,1775,1869,2069,2122,2372,2423,3207 'ratelimit.js':1774 'read':1413 'realtim':1440 'receb':2399 'recommend':2179,2224,3575 'reconhecimento':703 'record':680 'recorrent':274 'recuperar':2729,2981 'recurso':2152 'red':3423 'redact':358,1257,1690,2432,3139 'reduzir':141,228,1909 'reescrev':2723 'refatoracao':3294 'referencia':3126,3341 'refresh':464,829 'refund':2524 'regex':797,3012 'registrada':1897 'registri':270,1789,1802,1920,2700,2753,2759,2787,2895,2986,3049,3059,3388,3529 'registro':1795 'regra':284,1534,1539,1584,1616,1647,1675,1701,2740 'regressao':1974,2628,2743,3394 'reimplantar':2736 'relat':3589 'relatorio':2597,2614,2657,3105,3135 'relic':667 'remind':1672 'remov':1495,1526,2180,2720 'removeram':1167 'replac':1516 'replace-text':1515 'repo':206,618,1323,1337,1504,1524,1985,1986,2215,2928 'repo-clean':1503 'repo.git':1519 'repo/front/logs':3359 'report':3064,3095 'repositori':1199 'repositorio':168,723 'request':111,610,2015,2541 'requir':3545,3634 'resolv':3092 'responsavel':2945,2955 'resposta':278,2704,2814,2906 'resto':3173 'restricao':1356,1618,2797 'restrico':235,348,1361,1640,2643,3376,3523 'restrict':1627,1713,1865,2530,2554,2574,2583 'restringir':1359 'restrito':2333 'rev':1104,1117,1130,1145,1158 'rev-list':1103,1116,1129,1144,1157 'review':612,3546,3627 'revisado':2588 'revisao':1951,2337 'revisar':1926,2271,2287 'revogacao':310 'revogar':1327,1344,1454,1670,1904,2710 'rg':801,910,927,943,959,978,995,1014,1030,1058,1212,1240,1271,1278,1293 'risco':1305,2029,2142,2243,2345,2435,2515,2824,3275 'rn':1272,1279 'rodar':2599 'role':2454,2496 'rollback':1940,2685 'root':722,2450,2492,3193 'rota':3210 'rota/usuario':1778 'rotacao':146,271,313,352,1358,1363,1649,1674,1945,2128,2484,2668,2674,2682,3368,3375,3532 'rotacionar':1329,1345,1463,2184,2284 'rotat':1856,1861,2661 'rotina':1887,2755,2768,2891 'rsa':497,826,889 'run':2019 'runs-on':2018 'runtim':327,646 'safe':129 'safe-check':128 'safeti':3637 'saida':361,3044 'saud':2779 'scan':1992,2012,2017,2726 'scanner':794,1995,2999 'scope':3608 'score':2829,3109,3345,3402,3407,3410 'scp':2467 'screen':679 'screenshot':677 'script':2882,3132 'scripts/audit_report.py':3099 'scripts/pre_commit_hook.sh':3076 'scripts/registry_manager.py':3053 'scripts/secret_scanner.py':1998,3005 'se':298,366,385,1266,1286,1499,1550,1600,1635,1716,1905,1969,2974,3032,3085,3251,3263,3280,3289 'secret':45,259,320,453,457,477,479,515,518,521,530,564,587,756,761,810,819,1215,1250,1267,1274,1281,1582,1758,1788,1813,1814,1991,1994,2011,2156,2231,2256,2368,2412,2441,2487,2505,2537,2758,2894,3058,3197,3335,3441,3451 'secret-scan':1990 'secret/token':2246 'secret/tokens':2308 'secret_scanner.py':3079 'secur':17,1844 'sed':1255 'segredo':13,34,149,183,204,208,214,218,223,315,356,614,630,642,661,685,846,853,1057,1083,1168,1210,1319,1335,1580,1689,1745,2696,3001,3087,3128,3145,3187,3216,3357,3430 'segu':2817 'segura':424,3279,3520 'seguram':1722 'seguranca':134,375,1935,1955,2781,2832,3111,3158,3347,3487 'seguro':322,1507 'sem':1228,1237,1355,1357,1370,1433,1663,1666,1678,1688,1744,1899,2379,2693,2796,3215,3319 'seman':1436,1890 'semana':1365,2866 'semanal/mensal':2892 'semanal/mensal/trimestral':2769 'sempr':2812 'sendo':1269,1289,3283,3317 'senha':3179 'sensivei':2386 'sentinel':3485 'sentri':655 'separacao':242,1586 'separada':2108 'separado':774,2281 'ser':324 'server':1728,2119,2408,2572,3123 'server-sid':1727,2118,2407,2571,3122 'server.js':1767 'servic':46,467,827,876,2144,2162,2189,2203,2212,2468,3150 'service-account':875 'servico':746,1486 'servidor':2044 'sessao':543 'session':539 'sesso':3482 'set':2296,2750 'settings.json':581 'seu':1572,1732 'seus':3142 'sev':2911,2921,2934,2946 'severidad':2902,2907 'sha256':2269,2319 'side':331,1729,2120,2313,2409,2573,3124 'sign':478,484,2536 'signatur':2580 'simpler':104 'sinai':3299,3305 'sinal':1169 'sk':445,449,909,912,957,961,1101,2517,2544,2549,2565 'skill':81,94,3240,3248,3416,3418,3484,3490,3493,3500,3559,3567,3590,3593,3600 'skill-cred-omega' 'skill-sentinel':3483 'sla':1316,2909 'slack/teams/email':687 'snapshot':700 'solo':1404 'solucao':1561 'source-sickn33' 'spam':2358,2377 'special':85 'specif':106,3539,3579,3622 'ssh':3175,3182 'ssh/tls':491 'stabil':3467,3471 'stability-ai':3466 'stack':658 'stage':1427,1590,2003,3038,3043,3082 'state':644 'status':1878,3063 'step':2024 'stop':3628 'storag':1839 'store':1583,1759 'string':443,502,1055,3309 'stripe':60,448,956,2513,2561,2564,3021 'studio':3459 'sua':137,1574 'substituir':1471 'substitut':3618 'success':3640 'sugerir':3293 'sugesto':3112 'suggest':3548 'sum':3403 'sumario':2616,2821 'superfici':569 'suporta':1638 'suportado':1625 'supremo':132 'suspeita':1236,2967 'switch':1750,1938,2084,2717,3218 'system':2297,2325 't00':1810 'tag':1200 'tar':699 'tarefa':3254 'task':97,3569,3604 'taxonomia':435 'team':1830,3424 'telegram':57,507,753,992,1248,2343,2404,2417,3020,3452 'tem':370,414,767,1654 'tempo':400,1393,1431,2904 'tendencia':2835 'ter':343 'terraform':643 'terraform.tfstate':895 'terreno':712 'test':1957,2543,2545,3624 'testar':1936 'text':1517,2002 'texto':3047 'tfvar':898 'threat':3421 'threshold':1692 'ticket':681 'tipicament':851 'tipico':2030,2143,2244,2346,2436,2516 'tipo':155,432,2841 'tocar':2694 'toda':40,360,1536,1652,1798,1947,2464,2500,2540,2600,2671,2813,2919,3101,3363,3370 'todo':154,159,314,340,1085,1474,2630,3171 'token':44,249,460,462,465,506,509,512,524,527,547,551,811,830,975,994,1216,1249,2258,2280,2285,2299,2303,2327,2334,2347,2360,2369,2405,2413,2923,3438,3449,3456 'token/key':341 'tool':107 'top':2823 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'total':9,30,2150,2352,2783,3414 'trace':659,664 'track':654 'transvers':3238,3244 'tratar':306 'travar':2714 'treat':3613 'treinamento':1966 'trimestr':1942,2338 'ttl/expiracao':347 'tudo':2058 'twilio':61 'twitter':519 'type':857,1822,2001 'ubuntu':2022 'ubuntu-latest':2021 'ufw/iptables':3163 'ultimo':2800 'um':378,383,1794,3264 'uma':302,1717,2054,3256 'understand':3577 'unica':2056 'universai':1535 'unrel':99 'updat':2381,2397,2427 'urgencia':409 'usa':750 'usada':2183 'usag':2086,2093,2112 'usam':1478 'usando':1310 'usar':2059,2155,2177,2223,2389,2449,3180,3195 'usd':1874 'use':79,92,2025,3565,3598 'user':113,2298,2326,2456 'uso':1900,2234,2508,3231 'usuario':293,300,1558,1737,2388,3265 'usuario/rota':1742 'v':1731,1751 'valid':1773,2581,3623 'validacao':2264,2316,2371,2414 'validad':1655 'validado':2250,2538 'validar':3513 'valor':1230,1238 'valu':589 'var':3297 'variavei':192,1225,1235 'varredura':783,786,1959,2602,2884,3006,3103,3134 'vault':760,1406 'vaza':1602 'vazada':2032,2148,2519,2915 'vazado':2247,2442 'vazam':568 'vazamento':140,405,1171 'vazamento/abuso':2707 'vazass':387 'vazou':2350 'vencida':2675 'ver':3290 'verifi':1881 'verificar':1483,1921,2634,2973,2992,3040,3522,3531 'version':1803 'versionamento':599 'via':2486 'violar':288 'visao':2776 'vivo':1796 'voce':125 'voltaram':1487 'vpc':2202 'vps':73,166,717,1568,1575,1734,1764,1842,2045,3160 'vps-env-secur':1841 'waba':3448 'web':3204 'webhook':476,2248,2262,2314,2366,2390,2410,2535,2579,2713,3450 'whatsapp':1247,2240,3443 'whatsapp-cloud-api':3442 'without':119,3576 'work':124 'workload':257,2169,2216 'wrapper':3077 'write':1411 'x':815,1388,1390 'x-api-key':814 'yaml':1984,2009 'yml':1221 'z0':916,933,948,966,984,1004,1020,1036,1043,1063 'za':915,932,965,983,1003,1019,1035,1042,1062 'zero':338,2491,3031,3354 'zip':698 'ças':2994","prices":[{"id":"38e65d71-2550-4cf5-8d8b-7241fb8824d1","listingId":"fcc7bccf-120e-4aa1-8b3c-40d3e624b535","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:35:23.821Z"}],"sources":[{"listingId":"fcc7bccf-120e-4aa1-8b3c-40d3e624b535","source":"github","sourceId":"sickn33/antigravity-awesome-skills/cred-omega","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/cred-omega","isPrimary":false,"firstSeenAt":"2026-04-18T21:35:23.821Z","lastSeenAt":"2026-04-24T06:50:59.337Z"}],"details":{"listingId":"fcc7bccf-120e-4aa1-8b3c-40d3e624b535","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"cred-omega","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34831,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-24T06:41:17Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"3e7b1171b22d85963a7f2f36b7c887ab2e3f55cc","skill_md_path":"skills/cred-omega/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/cred-omega"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"cred-omega","description":"CISO operacional enterprise para gestao total de credenciais e segredos."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/cred-omega"},"updatedAt":"2026-04-24T06:50:59.337Z"}}