/
write-operation-safety
Cursor Rule
Write operations are disabled by default and require explicit enablement. Delete operations use HMAC confirmation tokens.
Manage the Zscaler cloud security platform including ZPA (private access), ZIA (internet access), ZDX (digital experience), ZCC (client connector), EASM (attack surface management), and Z-Insights (security analytics). Includes guided skills for application onboarding, policy audits, incident investigation, and cross-product troubleshooting.
Rules7
cross-service-overlapZscaler APIs have intentional cross-service data overlap. Disabling a service does not remove overlapping tools from other services.
write-operation-safetyWrite operations are disabled by default and require explicit enablement. Delete operations use HMAC confirmation tokens.
zdx-read-onlyZDX is a read-only monitoring service. The since parameter is in hours, not timestamps.
zia-activation-requiredZIA requires explicit activation after any create, update, or delete operation. Forgetting this is the number one source of issues.
zms-graphql-conventionsZMS uses GraphQL and is read-only. Every query requires ZSCALER_CUSTOMER_ID and uses specific pagination patterns.
Commands20
app-healthAnalyze application health across the organization using ZDX scores and metrics.
audit-softwareAudit software inventory across devices using ZDX data for compliance and vulnerability assessment.
audit-sslAudit ZIA SSL inspection rules -- list rules by action (INSPECT, DO_NOT_INSPECT, DO_NOT_DECRYPT, BLOCK), identify bypasses, and assess risk.
check-accessCheck whether a user or group can access a specific URL via ZIA policies.
compare-locationsCompare digital experience across locations, departments, or geolocations using ZDX.