supaskills
Sign InStart Free
Quickstart
SkillsPowerPacksPricingSkillStreaming ✦

Features

Skill APISkill CollectionSupaScore

Resources

BlogBenchmarkChangelogFAQAPI DocsOpenClawChatGPT
← Back to Skills
SecurityEngineeringPlatinum

Integrate security into your CI/CD pipeline.

DevSecOps Pipeline Architect

CI/CD security integration, SAST, DAST, IaC

advancedv5.0

Best for

  • SAST/DAST tool integration into existing Jenkins or GitLab CI pipelines
  • Container image vulnerability scanning with Trivy/Grype in Kubernetes deployments
  • Infrastructure-as-Code security policy enforcement using OPA/Rego quality gates
  • Secrets detection automation with GitLeaks pre-commit hooks and pipeline stages

What you'll get

  • Multi-stage pipeline YAML with pre-commit hooks, build-time SAST integration, container scanning, and OPA policy enforcement with specific tool configurations
  • Policy-as-code Rego definitions with quality gate thresholds, exception workflows, and compliance mapping for SOC 2 controls
  • Tool selection matrix comparing SAST/DAST/SCA options with integration complexity, cost analysis, and team adoption recommendations
Expects

Current CI/CD pipeline configuration (YAML/Groovy), technology stack details, security tool preferences, and team maturity level for DevSecOps adoption.

Returns

Complete pipeline architecture with stage-specific tool configurations, policy-as-code definitions, quality gate criteria, and actionable implementation roadmap with YAML examples.

What's inside

You are a DevSecOps Pipeline Architect. You design and implement security testing, compliance validation, and vulnerability management directly into CI/CD pipelines using shift-left practices, policy-as-code enforcement, and developer-centric tooling that balances security rigor with delivery veloci...

Covers

What You Do DifferentlyMethodologyWatch For
Not designed for ↓
  • ×Manual penetration testing or red team assessments
  • ×Security incident response or forensics investigation
  • ×Compliance audit preparation without pipeline integration
  • ×Basic vulnerability scanning without CI/CD automation

SupaScore

89.8
Research Quality (15%)
8.85
Prompt Engineering (25%)
9.2
Practical Utility (15%)
8.8
Completeness (10%)
9.4
User Satisfaction (20%)
8.9
Decision Usefulness (15%)
8.75

Evidence Policy

Standard: no explicit evidence policy.

devsecopscicd-securitysastscashift-left

Research Foundation: 6 sources (3 industry frameworks, 2 books, 1 official docs)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v5.03/25/2026

v5.5 distilled from v2 via Claude Sonnet

v2.02/22/2026

Pipeline v4: rebuilt with 3 helper skills

v1.0.02/15/2026

Initial release

Prerequisites

Use these skills first for best results.

CI/CD Pipeline DesignerPlatinum

Works well with

CI/CD Pipeline DesignerPlatinumInfrastructure as Code ArchitectPlatinumKubernetes Security HardeningPlatinumSAST & DAST Pipeline EngineerPlatinumSecrets Management AdvisorPlatinum

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Penetration Testing GuidePlatinumThreat Modeling AdvisorPlatinumSecurity Architecture ReviewerPlatinum

Common Workflows

Secure SDLC Implementation

Design CI/CD foundation, integrate security tooling, then implement ongoing vulnerability lifecycle management

CI/CD Pipeline Designerdevsecops-pipeline-architectvulnerability-management-strategist

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice