/
audit-ssl
Cursor Command
Audit ZIA SSL inspection rules -- list rules by action (INSPECT, DO_NOT_INSPECT, DO_NOT_DECRYPT, BLOCK), identify bypasses, and assess risk.
Manage the Zscaler cloud security platform including ZPA (private access), ZIA (internet access), ZDX (digital experience), ZCC (client connector), EASM (attack surface management), and Z-Insights (security analytics). Includes guided skills for application onboarding, policy audits, incident investigation, and cross-product troubleshooting.
Commands20
app-healthAnalyze application health across the organization using ZDX scores and metrics.
audit-softwareAudit software inventory across devices using ZDX data for compliance and vulnerability assessment.
audit-sslAudit ZIA SSL inspection rules -- list rules by action (INSPECT, DO_NOT_INSPECT, DO_NOT_DECRYPT, BLOCK), identify bypasses, and assess risk.
check-accessCheck whether a user or group can access a specific URL via ZIA policies.
compare-locationsCompare digital experience across locations, departments, or geolocations using ZDX.
Rules7
cross-service-overlapZscaler APIs have intentional cross-service data overlap. Disabling a service does not remove overlapping tools from other services.
write-operation-safetyWrite operations are disabled by default and require explicit enablement. Delete operations use HMAC confirmation tokens.
zdx-read-onlyZDX is a read-only monitoring service. The since parameter is in hours, not timestamps.
zia-activation-requiredZIA requires explicit activation after any create, update, or delete operation. Forgetting this is the number one source of issues.
zms-graphql-conventionsZMS uses GraphQL and is read-only. Every query requires ZSCALER_CUSTOMER_ID and uses specific pagination patterns.