{"id":"1c4e5ebd-eb0a-46f8-b5cb-52905ded16ab","shortId":"8nAFKR","kind":"skill","title":"google-cloud-waf-security","tagline":"Generates security-focused guidance for Google Cloud workloads based on the design principles and recommendations in the Google Cloud Well-Architected Framework (WAF). Use this skill to evaluate a workload, identify security requirements, and provide actionable recommendations fo","description":"# Google Cloud Well-Architected Framework skill for the Security pillar\n\n## Overview\n\nThe security pillar of the Google Cloud Well-Architected Framework provides\ndesign principles and best practices for building a robust security posture by\nintegrating security into every layer of the architecture for cloud workloads.\nIt focuses on maintaining confidentiality and integrity of data and systems\nwhile ensuring compliance and privacy. It provides a structured approach to risk\nmanagement, threat defense, and identity control, enabling you to operate cloud\nworkloads securely and at scale.\n\n## Core principles\n\nThe recommendations in the security pillar of the Well-Architected Framework are\naligned with the following core principles:\n\n-  **Implement security by design**: Integrate cloud security and network\n   security considerations starting from the initial design phase of your\n   applications and infrastructure. Google Cloud provides architecture\n   blueprints and recommendations to help you apply this principle. Grounding\n   document:\n   https://docs.cloud.google.com/architecture/framework/security/implement-security-by-design\n\n-  **Implement zero trust**: Use a _never trust, always verify_ approach, where\n   access to resources is granted based on continuous verification of trust.\n   Google Cloud supports this principle through products like Chrome Enterprise\n   Premium and Identity-Aware Proxy (IAP). Grounding document:\n   https://docs.cloud.google.com/architecture/framework/security/implement-zero-trust\n\n-  **Implement shift-left security**: Implement security controls early in the\n   software development lifecycle. Avoid security defects before system changes\n   are made. Detect and fix security bugs early, fast, and reliably after the\n   system changes are committed. Google Cloud supports this principle through\n   products like Cloud Build, Binary Authorization, and Artifact Registry.\n   Grounding document:\n   https://docs.cloud.google.com/architecture/framework/security/implement-shift-left-security\n\n-  **Implement preemptive cyber defense**: Adopt a proactive approach to\n   security by implementing robust fundamental measures like threat\n   intelligence. This approach helps you build a foundation for more effective\n   threat detection and response. Google Cloud's approach to layered security\n   controls aligns with this principle. Google Cloud supports this principle\n   through products like Security Command Center, Google Threat Intelligence,\n   and Google SecOps. Grounding document:\n   https://docs.cloud.google.com/architecture/framework/security/implement-preemptive-cyber-defense\n\n-  **Use AI securely and responsibly**: Develop and deploy AI systems in a\n   responsible and secure manner. The recommendations for this principle are\n   aligned with guidance in the AI and ML perspective of the Well-Architected\n   Framework and in Google's Secure AI Framework (SAIF). Grounding document:\n   https://docs.cloud.google.com/architecture/framework/security/use-ai-securely-and-responsibly\n\n-  **Use AI for security**: Use AI capabilities to improve your existing\n   security systems and processes through Gemini in Security and overall\n   platform-security capabilities. Use AI as a tool to increase the automation\n   of remedial work and ensure security hygiene to make other systems more\n   secure. Google Cloud supports this principle through products like Google\n   Threat Intelligence and Google SecOps. Grounding document:\n   https://docs.cloud.google.com/architecture/framework/security/use-ai-for-security\n\n-  **Meet regulatory, compliance, and privacy needs**: Adhere to\n   industry-specific regulations, compliance standards, and privacy\n   requirements. Google Cloud helps you meet these obligations through products\n   like Assured Workloads, Organization Policy Service, and our compliance\n   resource center. Grounding document:\n   https://docs.cloud.google.com/architecture/framework/security/meet-regulatory-compliance-and-privacy-needs\n\n## Relevant Google Cloud products\n\nThe following are _examples_ of Google Cloud products and features that are\nrelevant to security:\n\n- **Identity and access management**\n\n  - **Identity and Access Management (IAM)**: Fine-grained access control for\n    Google Cloud resources.\n  - **Identity-Aware Proxy (IAP)**: Secure access to applications without a VPN.\n  - **Chrome Enterprise Premium**: Endpoint security and context-aware access.\n\n- **Network security**\n\n  - **Google Cloud Armor**: DDoS protection and Web Application Firewall (WAF).\n  - **VPC Service Controls**: Define security perimeters to prevent data\n    exfiltration.\n  - **Cloud Next-Generation Firewall (NGFW)**: Advanced threat protection for\n    network traffic.\n  - **Shared VPC**: Centralized network management across projects.\n  - **Cloud Interconnect and IPsec VPN**: Secure, private connectivity.\n\n- **Data security**\n\n  - **Cloud Key Management Service (KMS)**: Manage encryption keys.\n  - **Sensitive Data Protection (formerly Cloud DLP)**: Discover and redact\n    sensitive data.\n  - **Confidential Computing**: Encrypt data in use (memory).\n\n- **Security operations (SecOps)**\n\n  - **Google SecOps (Chronicle)**: Threat detection and security analytics.\n  - **Security Command Center (SCC)**: Centralized vulnerability and threat\n    management.\n  - **Cloud Logging and Cloud Monitoring**: Visibility into system activity.\n\n- **Automation and supply chain**\n\n  - **Cloud Build**: Secure CI/CD pipelines.\n  - **Artifact Analysis**: Vulnerability scanning for container images.\n  - **Binary Authorization**: Deploy-time policy enforcement.\n  - **Assured open source software**: Use secured OSS packages.\n\n## Workload assessment questions\n\nAsk appropriate questions to understand the security-related requirements and\nconstraints of the workload and the user's organization. Choose questions from\nthe following list:\n\n- **Security by design**:\n\n  - How do you incorporate security considerations into your project's initial\n    planning and design phases?\n  - How do you define and document security requirements for new applications\n    and services?\n  - How do you ensure that security is integrated into your development\n    lifecycle?\n  - What tools and techniques do you use to perform threat modeling during the\n    design phase?\n  - How do you manage and prioritize security vulnerabilities discovered during\n    the design and development process?\n  - How do you handle security updates and patches for your applications and\n    infrastructure?\n  - How do you document and communicate security design decisions to your team\n    and stakeholders?\n  - How do you ensure that security configurations are consistently applied\n    across your environments?\n  - How do you validate the effectiveness of your security controls and\n    measures?\n  - How do you handle security exceptions and deviations from your security\n    design?\n\n- **Zero trust**:\n\n  - How do you verify and authenticate users and devices accessing your Google\n    Cloud resources?\n  - How do you implement the principle of least privilege for access control?\n  - How do you monitor and control network traffic within your Google Cloud\n    environment?\n  - How do you secure data in transit and at rest in your Google Cloud\n    environment?\n  - How do you implement continuous monitoring and logging of user and device\n    activity?\n  - How do you handle and respond to security incidents and breaches in a Zero\n    Trust environment?\n  - How do you manage and update security policies and controls in a Zero Trust\n    environment?\n  - How do you ensure that third-party applications and services comply with\n    your Zero Trust principles?\n  - How do you handle remote access and BYOD devices in a Zero Trust\n    environment?\n  - How do you educate and train your employees on Zero Trust principles and\n    practices?\n\n- **Shift-left security**:\n\n  - How do you integrate security testing into your development pipeline early\n    in the process?\n  - What types of security testing do you perform during the development phase?\n  - How do you provide developers with feedback on security vulnerabilities and\n    best practices?\n  - How do you empower developers to take ownership of security in their code?\n  - How do you ensure that security requirements are clearly defined and\n    communicated to developers?\n  - How do you measure the effectiveness of your Shift Left security\n    initiatives?\n  - How do you handle security dependencies and third-party libraries in your\n    code?\n  - How do you manage and update security configurations in your development\n    environment?\n  - How do you handle security exceptions and deviations from your security\n    policies in development?\n  - How do you promote a culture of security awareness and responsibility among\n    developers?\n\n- **Preemptive cyber defense**:\n\n  - How do you proactively identify and mitigate potential security threats\n    before they impact your systems?\n  - What tools and techniques do you use for continuous security monitoring and\n    analysis?\n  - How do you respond to and remediate security alerts and incidents?\n  - How do you simulate and test your incident response plans?\n  - How do you stay up-to-date with the latest security threats and\n    vulnerabilities?\n  - How do you handle and mitigate DDoS attacks against your applications and\n    services?\n  - How do you protect your sensitive data from insider threats?\n  - How do you ensure that your security controls are effective against advanced\n    persistent threats (APTs)?\n  - How do you handle security vulnerabilities in your supply chain?\n  - How do you adapt your security posture to evolving threats and technologies?\n\n- **Security of AI workloads**:\n\n  - How do you ensure the security of your AI models and data?\n  - How do you address potential biases and ethical concerns in your AI models?\n  - How do you protect your AI models from adversarial attacks and data\n    poisoning?\n  - How do you ensure the privacy of data used in your AI models?\n  - How do you explain and interpret the decisions made by your AI models?\n  - How do you manage and control access to your AI models and data?\n  - How do you ensure compliance with regulations and standards related to\n    AI and ML?\n  - How do you monitor and detect anomalies in the behavior of your AI models?\n  - How do you handle and respond to security incidents involving your AI\n    models?\n  - How do you educate and train your employees on the secure and responsible\n    use of AI and ML?\n\n- **AI for security**:\n\n  - How do you leverage AI and ML to enhance your security posture?\n  - What types of AI models do you use for security purposes?\n  - How do you train and validate your AI models for security applications?\n  - How do you ensure the accuracy and reliability of AI-based security\n    systems?\n  - How do you handle false positives and false negatives from AI-based\n    security systems?\n  - How do you integrate AI-based security systems with your existing security\n    infrastructure?\n  - How do you manage and update your AI models for security applications?\n  - How do you explain and interpret the decisions made by your AI models for\n    security applications?\n  - How do you ensure the ethical and responsible use of AI and ML for security\n    purposes?\n  - How do you measure the effectiveness of AI and ML in improving your security\n    posture?\n\n- **Regulatory compliance and privacy**:\n\n  - What regulatory compliance frameworks and privacy standards do you need to\n    adhere to?\n  - How do you assess and manage compliance risks in your Google Cloud\n    environment?\n  - How do you ensure the privacy of sensitive data stored and processed in\n    Google Cloud?\n  - How do you handle data subject requests (DSRs) related to privacy\n    regulations?\n  - How do you document and track compliance activities and evidence?\n  - How do you ensure that third-party vendors and partners comply with your\n    regulatory and privacy requirements?\n  - How do you handle data breaches and security incidents related to compliance\n    regulations?\n  - How do you stay up-to-date with changes in regulatory compliance and privacy\n    standards?\n  - How do you educate and train your employees on regulatory compliance and\n    privacy requirements?\n  - How do you demonstrate and prove compliance to auditors and regulators?\n\n## Validation checklist\n\nUse the following checklist to evaluate the architecture's alignment with\nsecurity recommendations:\n\n- **Security by design**:\n\n  - Are system components selected based on their security features and\n    hardening?\n  - Is defense-in-depth implemented at the network, host, and application\n    layers?\n  - Are safe libraries and application frameworks used to prevent common\n    vulnerabilities?\n  - Is a risk assessment performed using industry standards?\n\n- **Zero trust**:\n\n  - Is access control enforced based on user identity and context (device,\n    location)?\n  - Are private connectivity methods (Cloud Interconnect, VPN) used for internal\n    traffic?\n  - Are default networks disabled in all projects?\n  - Are VPC Service Controls perimeters established around sensitive data?\n\n- **Shift-left security**:\n\n  - Is infrastructure provisioned using Infrastructure as Code\n    (e.g., Terraform)?\n  - Are automated security scans integrated into the CI/CD pipeline?\n  - Is there a process for scanning and patching vulnerabilities in\n    dependencies?\n  - Is Binary Authorization used to ensure only trusted images are deployed?\n\n- **Preemptive cyber defense**:\n\n  - Is threat intelligence integrated into security operations?\n  - Is security logging enabled and centralized for all critical resources?\n  - Are automated responses configured for common security threats?\n  - Are defenses validated through periodic testing or red-teaming?\n\n- **AI security and governance**:\n\n  - Are AI pipelines secured against tampering and data poisoning?\n  - Is differential privacy or data masking used for training data where\n    appropriate?\n  - Are Vertex Explainable AI and fairness indicators used for model governance?","tags":["google","cloud","waf","security","atlasclaw","providers","cloudchef","agent-skills","agentic-workflow","ai-integration","openclaw"],"capabilities":["skill","source-cloudchef","skill-google-cloud-waf-security","topic-agent-skills","topic-agentic-workflow","topic-ai-integration","topic-openclaw"],"categories":["atlasclaw-providers"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/CloudChef/atlasclaw-providers/google-cloud-waf-security","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add CloudChef/atlasclaw-providers","source_repo":"https://github.com/CloudChef/atlasclaw-providers","install_from":"skills.sh"}},"qualityScore":"0.455","qualityRationale":"deterministic score 0.46 from registry signals: · indexed on github topic:agent-skills · 10 github stars · SKILL.md body (14,130 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:08:23.088Z","embedding":null,"createdAt":"2026-05-09T01:05:33.120Z","updatedAt":"2026-05-18T19:08:23.088Z","lastSeenAt":"2026-05-18T19:08:23.088Z","tsv":"'/architecture/framework/security/implement-preemptive-cyber-defense':359 '/architecture/framework/security/implement-security-by-design':192 '/architecture/framework/security/implement-shift-left-security':293 '/architecture/framework/security/implement-zero-trust':236 '/architecture/framework/security/meet-regulatory-compliance-and-privacy-needs':517 '/architecture/framework/security/use-ai-for-security':475 '/architecture/framework/security/use-ai-securely-and-responsibly':409 'access':204,539,543,549,561,576,891,906,1002,1361,1770 'accuraci':1470 'across':616,853 'action':43 'activ':682,948,1631 'adapt':1278 'address':1306 'adher':482,1582 'adopt':298 'advanc':605,1261 'adversari':1324 'ai':361,368,387,402,411,415,436,1289,1299,1314,1321,1340,1353,1364,1379,1394,1407,1424,1427,1434,1445,1460,1475,1490,1499,1515,1531,1546,1559,1890,1895,1918 'ai-bas':1474,1489,1498 'alert':1199 'align':147,334,382,1717 'alway':200 'among':1158 'analysi':693,1190 'analyt':664 'anomali':1388 'appli':185,852 'applic':172,563,586,771,826,988,1237,1464,1519,1535,1746,1752 'approach':113,202,301,313,329 'appropri':718,1914 'apt':1264 'architect':28,50,67,144,395 'architectur':89,178,1715 'armor':581 'around':1805 'artifact':287,692 'ask':717 'assess':715,1587,1762 'assur':503,706 'attack':1234,1325 'auditor':1703 'authent':887 'author':285,700,1843 'autom':443,683,1822,1873 'avoid':251 'awar':229,557,575,1155 'base':15,209,1476,1491,1500,1728,1773 'behavior':1391 'best':73,1066 'bias':1308 'binari':284,699,1842 'blueprint':179 'breach':959,1657 'bug':263 'build':76,283,316,688 'byod':1004 'capabl':416,434 'center':348,512,667 'central':613,669,1867 'chain':686,1274 'chang':256,271,1674 'checklist':1707,1711 'choos':737 'chrome':223,567 'chronicl':659 'ci/cd':690,1828 'clear':1089 'cloud':3,13,25,47,64,91,126,158,176,216,275,282,327,339,458,494,520,528,553,580,599,618,628,640,674,677,687,894,919,934,1595,1611,1785 'code':1080,1120,1818 'command':347,666 'commit':273 'common':1757,1877 'communic':834,1092 'compli':991,1645 'complianc':106,478,488,510,1372,1568,1573,1590,1630,1663,1677,1691,1701 'compon':1726 'comput':648 'concern':1311 'confidenti':97,647 'configur':849,1128,1875 'connect':625,1783 'consider':163,751 'consist':851 'constraint':728 'contain':697 'context':574,1778 'context-awar':573 'continu':211,940,1186 'control':121,244,333,550,591,865,907,913,974,1257,1360,1771,1802 'core':132,151 'critic':1870 'cultur':1152 'cyber':296,1161,1853 'data':101,597,626,637,646,650,925,1246,1302,1327,1336,1367,1605,1616,1656,1807,1901,1907,1912 'date':1219,1672 'ddos':582,1233 'decis':837,1349,1527 'default':1793 'defect':253 'defens':118,297,1162,1737,1854,1881 'defense-in-depth':1736 'defin':592,764,1090 'demonstr':1698 'depend':1112,1840 'deploy':367,702,1851 'deploy-tim':701 'depth':1739 'design':18,70,156,168,745,759,799,812,836,879,1723 'detect':259,323,661,1387 'develop':249,365,784,814,1037,1053,1059,1072,1094,1131,1146,1159 'deviat':875,1140 'devic':890,947,1005,1779 'differenti':1904 'disabl':1795 'discov':642,809 'dlp':641 'docs.cloud.google.com':191,235,292,358,408,474,516 'docs.cloud.google.com/architecture/framework/security/implement-preemptive-cyber-defense':357 'docs.cloud.google.com/architecture/framework/security/implement-security-by-design':190 'docs.cloud.google.com/architecture/framework/security/implement-shift-left-security':291 'docs.cloud.google.com/architecture/framework/security/implement-zero-trust':234 'docs.cloud.google.com/architecture/framework/security/meet-regulatory-compliance-and-privacy-needs':515 'docs.cloud.google.com/architecture/framework/security/use-ai-for-security':473 'docs.cloud.google.com/architecture/framework/security/use-ai-securely-and-responsibly':407 'document':189,233,290,356,406,472,514,766,832,1627 'dsrs':1619 'e.g':1819 'earli':245,264,1039 'educ':1014,1412,1684 'effect':321,861,1100,1259,1557 'employe':1018,1416,1688 'empow':1071 'enabl':122,1865 'encrypt':634,649 'endpoint':570 'enforc':705,1772 'enhanc':1438 'ensur':105,448,777,846,983,1084,1253,1294,1332,1371,1468,1539,1600,1637,1846 'enterpris':224,568 'environ':855,920,935,964,979,1010,1132,1596 'establish':1804 'ethic':1310,1541 'evalu':35,1713 'everi':85 'evid':1633 'evolv':1283 'exampl':525 'except':873,1138 'exfiltr':598 'exist':420,1505 'explain':1345,1523,1917 'fair':1920 'fals':1483,1486 'fast':265 'featur':531,1732 'feedback':1061 'fine':547 'fine-grain':546 'firewal':587,603 'fix':261 'fo':45 'focus':9,94 'follow':150,523,741,1710 'former':639 'foundat':318 'framework':29,51,68,145,396,403,1574,1753 'fundament':307 'gemini':426 'generat':6,602 'googl':2,12,24,46,63,175,215,274,326,338,349,353,399,457,465,469,493,519,527,552,579,657,893,918,933,1594,1610 'google-cloud-waf-secur':1 'govern':1893,1925 'grain':548 'grant':208 'ground':188,232,289,355,405,471,513 'guidanc':10,384 'handl':819,871,952,1000,1110,1136,1230,1268,1399,1482,1615,1655 'harden':1734 'help':183,314,495 'host':1744 'hygien':450 'iam':545 'iap':231,559 'ident':120,228,537,541,556,1776 'identifi':38,1167 'identity-awar':227,555 'imag':698,1849 'impact':1175 'implement':153,193,237,242,294,305,899,939,1740 'improv':418,1563 'incid':957,1201,1209,1404,1660 'incorpor':749 'increas':441 'indic':1921 'industri':485,1765 'industry-specif':484 'infrastructur':174,828,1507,1813,1816 'initi':167,756,1106 'insid':1248 'integr':82,99,157,781,1032,1497,1825,1858 'intellig':311,351,467,1857 'interconnect':619,1786 'intern':1790 'interpret':1347,1525 'involv':1405 'ipsec':621 'key':629,635 'kms':632 'latest':1222 'layer':86,331,1747 'least':903 'left':240,1027,1104,1810 'leverag':1433 'librari':1117,1750 'lifecycl':250,785 'like':222,281,309,345,464,502 'list':742 'locat':1780 'log':675,943,1864 'made':258,1350,1528 'maintain':96 'make':452 'manag':116,540,544,615,630,633,673,804,968,1124,1358,1511,1589 'manner':375 'mask':1908 'measur':308,867,1098,1555 'meet':476,497 'memori':653 'method':1784 'mitig':1169,1232 'ml':389,1381,1426,1436,1548,1561 'model':796,1300,1315,1322,1341,1354,1365,1395,1408,1446,1461,1516,1532,1924 'monitor':678,911,941,1188,1385 'need':481,1580 'negat':1487 'network':161,577,609,614,914,1743,1794 'never':198 'new':770 'next':601 'next-gener':600 'ngfw':604 'oblig':499 'open':707 'oper':125,655,1861 'organ':505,736 'oss':712 'overal':430 'overview':57 'ownership':1075 'packag':713 'parti':987,1116,1641 'partner':1644 'patch':823,1837 'perform':794,1050,1763 'perimet':594,1803 'period':1884 'persist':1262 'perspect':390 'phase':169,760,800,1054 'pillar':56,60,139 'pipelin':691,1038,1829,1896 'plan':757,1211 'platform':432 'platform-secur':431 'poison':1328,1902 'polici':506,704,972,1144 'posit':1484 'postur':80,1281,1441,1566 'potenti':1170,1307 'practic':74,1024,1067 'preemptiv':295,1160,1852 'premium':225,569 'prevent':596,1756 'principl':19,71,133,152,187,219,278,337,342,380,461,901,996,1022 'priorit':806 'privaci':108,480,491,1334,1570,1576,1602,1622,1650,1679,1693,1905 'privat':624,1782 'privileg':904 'proactiv':300,1166 'process':424,815,1042,1608,1833 'product':221,280,344,463,501,521,529 'project':617,754,1798 'promot':1150 'protect':583,607,638,1243,1319 'prove':1700 'provid':42,69,110,177,1058 'provis':1814 'proxi':230,558 'purpos':1452,1551 'question':716,719,738 'recommend':21,44,135,181,377,1720 'red':1888 'red-team':1887 'redact':644 'registri':288 'regul':487,1374,1623,1664,1705 'regulatori':477,1567,1572,1648,1676,1690 'relat':725,1377,1620,1661 'relev':518,534 'reliabl':267,1472 'remedi':445,1197 'remot':1001 'request':1618 'requir':40,492,726,768,1087,1651,1694 'resourc':206,511,554,895,1871 'respond':954,1194,1401 'respons':325,364,372,1157,1210,1421,1543,1874 'rest':930 'risk':115,1591,1761 'robust':78,306 'safe':1749 'saif':404 'scale':131 'scan':695,1824,1835 'scc':668 'secop':354,470,656,658 'secur':5,8,39,55,59,79,83,128,138,154,159,162,241,243,252,262,303,332,346,362,374,401,413,421,428,433,449,456,536,560,571,578,593,623,627,654,663,665,689,711,724,743,750,767,779,807,820,835,848,864,872,878,924,956,971,1028,1033,1046,1063,1077,1086,1105,1111,1127,1137,1143,1154,1171,1187,1198,1223,1256,1269,1280,1287,1296,1403,1419,1429,1440,1451,1463,1477,1492,1501,1506,1518,1534,1550,1565,1659,1719,1721,1731,1811,1823,1860,1863,1878,1891,1897 'security-focus':7 'security-rel':723 'select':1727 'sensit':636,645,1245,1604,1806 'servic':507,590,631,773,990,1239,1801 'share':611 'shift':239,1026,1103,1809 'shift-left':238,1025,1808 'simul':1205 'skill':33,52 'skill-google-cloud-waf-security' 'softwar':248,709 'sourc':708 'source-cloudchef' 'specif':486 'stakehold':842 'standard':489,1376,1577,1680,1766 'start':164 'stay':1215,1668 'store':1606 'structur':112 'subject':1617 'suppli':685,1273 'support':217,276,340,459 'system':103,255,270,369,422,454,681,1177,1478,1493,1502,1725 'take':1074 'tamper':1899 'team':840,1889 'techniqu':789,1181 'technolog':1286 'terraform':1820 'test':1034,1047,1207,1885 'third':986,1115,1640 'third-parti':985,1114,1639 'threat':117,310,322,350,466,606,660,672,795,1172,1224,1249,1263,1284,1856,1879 'time':703 'tool':439,787,1179 'topic-agent-skills' 'topic-agentic-workflow' 'topic-ai-integration' 'topic-openclaw' 'track':1629 'traffic':610,915,1791 'train':1016,1414,1456,1686,1911 'transit':927 'trust':195,199,214,881,963,978,995,1009,1021,1768,1848 'type':1044,1443 'understand':721 'up-to-d':1216,1669 'updat':821,970,1126,1513 'use':31,196,360,410,414,435,652,710,792,1184,1337,1422,1449,1544,1708,1754,1764,1788,1815,1844,1909,1922 'user':734,888,945,1775 'valid':859,1458,1706,1882 'vendor':1642 'verif':212 'verifi':201,885 'vertex':1916 'visibl':679 'vpc':589,612,1800 'vpn':566,622,1787 'vulner':670,694,808,1064,1226,1270,1758,1838 'waf':4,30,588 'web':585 'well':27,49,66,143,394 'well-architect':26,48,65,142,393 'within':916 'without':564 'work':446 'workload':14,37,92,127,504,714,731,1290 'zero':194,880,962,977,994,1008,1020,1767","prices":[{"id":"944d3c1a-b1d4-410e-b3bb-d6dff604cc38","listingId":"1c4e5ebd-eb0a-46f8-b5cb-52905ded16ab","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"CloudChef","category":"atlasclaw-providers","install_from":"skills.sh"},"createdAt":"2026-05-09T01:05:33.120Z"}],"sources":[{"listingId":"1c4e5ebd-eb0a-46f8-b5cb-52905ded16ab","source":"github","sourceId":"CloudChef/atlasclaw-providers/google-cloud-waf-security","sourceUrl":"https://github.com/CloudChef/atlasclaw-providers/tree/main/skills/google-cloud-waf-security","isPrimary":false,"firstSeenAt":"2026-05-09T01:05:33.120Z","lastSeenAt":"2026-05-18T19:08:23.088Z"}],"details":{"listingId":"1c4e5ebd-eb0a-46f8-b5cb-52905ded16ab","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"CloudChef","slug":"google-cloud-waf-security","github":{"repo":"CloudChef/atlasclaw-providers","stars":10,"topics":["agent-skills","agentic-workflow","ai-integration","openclaw"],"license":"apache-2.0","html_url":"https://github.com/CloudChef/atlasclaw-providers","pushed_at":"2026-05-18T03:15:37Z","description":"atlasclaw-providers are the integration with enterprise systems through skills and webhook.","skill_md_sha":"b95840c9708ba13823a6904da2934095b9b39d1e","skill_md_path":"skills/google-cloud-waf-security/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/CloudChef/atlasclaw-providers/tree/main/skills/google-cloud-waf-security"},"layout":"multi","source":"github","category":"atlasclaw-providers","frontmatter":{"name":"google-cloud-waf-security","description":"Generates security-focused guidance for Google Cloud workloads based on the design principles and recommendations in the Google Cloud Well-Architected Framework (WAF). Use this skill to evaluate a workload, identify security requirements, and provide actionable recommendations for IAM, network security, data protection, and operational security."},"skills_sh_url":"https://skills.sh/CloudChef/atlasclaw-providers/google-cloud-waf-security"},"updatedAt":"2026-05-18T19:08:23.088Z"}}