MCPxelMCPxel
Co-Pilot / 辅助式
更新于 24 days ago

security-agent-skills

HhackIDLE
0.0k
ethanolivertroy/security-agent-skills
80
Agent 评分

💡 摘要

此技能分析服务网格配置的安全漏洞和合规性。

🎯 适合人群

DevSecOps 工程师云架构师合规官安全分析师软件开发人员

🤖 AI 吐槽:看起来很能打,但别让配置把人劝退。

安全分析中风险

风险:Medium。建议检查:是否执行 shell/命令行指令;是否发起外网请求(SSRF/数据外发);文件读写范围与路径穿越风险;依赖锁定与供应链风险。以最小权限运行,并在生产环境启用前审计代码与依赖。

hackIDLE Skills

A collection of security-focused agent skills from hackIDLE, following the Agent Skills open standard. These skills enable AI agents to perform security analysis, compliance assessments, and remediation tasks.

Available Skills

| Skill | Description | |-------|-------------| | mesh-security | Analyze Istio, Consul, and Linkerd service mesh configurations for security vulnerabilities with NIST 800-53 control mappings |

Installation

Quick Install (Recommended)

# Install all skills
npx add-skill hackIDLE/skills

# Or install a specific skill
npx add-skill hackIDLE/skills --skill mesh-security

# List available skills first
npx add-skill hackIDLE/skills --list

Global vs Project Installation

# Global (available in all projects)
npx add-skill -g hackIDLE/skills

# Project-level (in current directory)
npx add-skill hackIDLE/skills

Supported Agents

add-skill automatically detects and installs to:

  • Claude Code (~/.claude/skills/)
  • Cursor (~/.cursor/skills/)
  • Codex (~/.codex/skills/)
  • OpenCode (~/.config/opencode/skill/)
  • Gemini CLI
  • VS Code
  • GitHub Copilot
  • And more...

These skills follow the Agent Skills specification and work with any compatible agent platform.

Manual Installation

If you prefer manual installation:

# Clone the repo
git clone https://github.com/hackIDLE/skills.git hackidle-skills

# Copy skills to Claude Code
cp -r hackidle-skills/skills/* ~/.claude/skills/

# Install dependencies
cd ~/.claude/skills/mesh-security && npm install

Skills Overview

mesh-security

Comprehensive security analysis for service mesh configurations:

  • Supported Meshes: Istio, Consul, Linkerd
  • Security Checks: mTLS, RBAC/ACL, TLS settings, certificate management, traffic policies
  • Compliance: NIST 800-53 Rev 5 control mappings, FedRAMP reports
  • Output: Findings with severity levels, remediation guidance, compliance reports

Sub-skills included:

  • mesh-remediation - Generate and apply security fixes
  • mesh-compliance-reporter - Generate FedRAMP/NIST compliance reports

Quick Start:

# Analyze a mesh config
node ~/.claude/skills/mesh-security/lib/analyzer-wrapper.js ./istio-config.yaml

# Generate remediation plan
node ~/.claude/skills/mesh-security/lib/remediation-engine.js ./consul-config.json

# Create FedRAMP compliance report
node ~/.claude/skills/mesh-security/lib/report-generator.js ./linkerd-config.yaml --fedramp

Contributing

Contributions welcome! To add a new security skill:

  1. Create a new directory under skills/
  2. Add a SKILL.md following the specification
  3. Include any supporting scripts in lib/
  4. Add reference documentation in references/
  5. Submit a pull request

License

MIT License - see LICENSE for details.

Related Projects

五维分析
清晰度8/10
创新性8/10
实用性9/10
完整性8/10
可维护性7/10
优缺点分析

优点

  • 对多个服务网格进行全面的安全检查。
  • 支持 NIST 和 FedRAMP 的合规报告。
  • 与各种代理的安装和集成简单。

缺点

  • 仅限于特定的服务网格。
  • 可能需要额外配置以获得最佳使用效果。
  • 功能依赖于外部库。

相关技能

constant-time-analysis

A
toolCode Lib / 代码库
88/ 100

“这是一把寻找时序泄漏的瑞士军刀,但你需要一个编译器工具链的博士学位来设置所有的语言后端。”

查看测评

burpsuite-project-parser

A
toolCo-Pilot / 辅助式
82/ 100

“看起来很能打,但别让配置把人劝退。”

查看测评

semgrep-rule-creator

B
toolCo-Pilot / 辅助式
76/ 100

“这就像给抽象语法树写正则表达式的 GPS——但如果你不熟悉这片领域,依然很容易迷路。”

查看测评

免责声明:本内容来源于 GitHub 开源项目,仅供展示和评分分析使用。

版权归原作者所有 hackIDLE.