a5c-ai/multi-cloud-security-posture
library/specializations/security-compliance/skills/multi-cloud-security-posture/SKILL.md
Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
$ install --global
skillsauthnpx skillsauth add a5c-ai/babysitter multi-cloud-security-postureInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 2, 2026, 2:04 PM52.9s2 files scanned
SKILL.md
- name:
- multi-cloud-security-posture
- description:
- Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
Multi-Cloud Security Posture Skill
Purpose
Unified cloud security posture management (CSPM) across AWS, Azure, and GCP to aggregate findings, normalize security metrics, compare against CIS benchmarks, and provide a consolidated view of multi-cloud security.
Capabilities
Cross-Cloud Finding Aggregation
- Collect findings from AWS, Azure, and GCP
- Aggregate results from cloud-native security tools
- Import findings from third-party CSPM tools
- Deduplicate findings across environments
- Correlate related issues across clouds
Metric Normalization
- Standardize severity ratings across clouds
- Normalize finding categories
- Create unified compliance metrics
- Calculate aggregate risk scores
- Generate comparable security ratings
CIS Benchmark Comparison
- Apply CIS benchmarks across all clouds
- Compare security posture against benchmarks
- Track benchmark compliance over time
- Identify benchmark drift
- Generate benchmark compliance reports
Remediation Status Tracking
- Track remediation across all clouds
- Monitor fix verification status
- Calculate mean time to remediate (MTTR)
- Generate remediation progress reports
- Prioritize cross-cloud remediation efforts
Unified Reporting
- Generate executive dashboards
- Create technical detail reports
- Produce compliance comparison matrices
- Build trend analysis reports
- Export data for external tools
Drift Detection and Alerting
- Monitor configuration drift
- Alert on security posture degradation
- Detect new non-compliant resources
- Track policy violations
- Send real-time notifications
Normalized Categories
| Category | AWS | Azure | GCP | |----------|-----|-------|-----| | Identity | IAM | Azure AD | Cloud IAM | | Compute | EC2, Lambda | VMs, Functions | Compute, Functions | | Storage | S3, EBS | Storage Accounts | Cloud Storage | | Network | VPC, SGs | VNet, NSGs | VPC, Firewall | | Database | RDS, DynamoDB | SQL, Cosmos | Cloud SQL, Spanner | | Encryption | KMS | Key Vault | Cloud KMS | | Logging | CloudTrail | Activity Log | Audit Logs |
Compliance Frameworks
- CIS Benchmarks (AWS, Azure, GCP)
- SOC 2 Type II
- PCI DSS v4.0
- HIPAA Security Rule
- ISO 27001
- NIST 800-53
- FedRAMP
Integrations
- Cloud Provider APIs: AWS, Azure, GCP native tools
- Wiz: Cloud security platform
- Orca Security: Agentless cloud security
- Prisma Cloud: Multi-cloud CSPM
- Lacework: Cloud security and compliance
- Cloud Custodian: Cloud governance as code
Target Processes
- Cloud Security Architecture Review
- Continuous Compliance Monitoring
- Multi-Cloud Governance
- Security Posture Reporting
Input Schema
{
"type": "object",
"properties": {
"cloudProviders": {
"type": "array",
"items": {
"type": "string",
"enum": ["AWS", "Azure", "GCP"]
},
"description": "Cloud providers to include"
},
"awsAccounts": {
"type": "array",
"items": { "type": "string" }
},
"azureSubscriptions": {
"type": "array",
"items": { "type": "string" }
},
"gcpProjects": {
"type": "array",
"items": { "type": "string" }
},
"complianceFrameworks": {
"type": "array",
"items": {
"type": "string",
"enum": ["CIS", "SOC2", "PCI-DSS", "HIPAA", "ISO27001", "NIST", "FedRAMP"]
}
},
"reportingPeriod": {
"type": "object",
"properties": {
"startDate": { "type": "string", "format": "date" },
"endDate": { "type": "string", "format": "date" }
}
},
"severityThreshold": {
"type": "string",
"enum": ["critical", "high", "medium", "low"]
},
"includeRemediationStatus": {
"type": "boolean"
}
},
"required": ["cloudProviders"]
}
Output Schema
{
"type": "object",
"properties": {
"reportId": {
"type": "string"
},
"reportTimestamp": {
"type": "string",
"format": "date-time"
},
"cloudsCovered": {
"type": "array"
},
"overallPosture": {
"type": "object",
"properties": {
"aggregateScore": { "type": "number" },
"riskLevel": { "type": "string" },
"trend": { "type": "string", "enum": ["improving", "stable", "degrading"] }
}
},
"postureByCloud": {
"type": "object",
"properties": {
"AWS": {
"type": "object",
"properties": {
"score": { "type": "number" },
"findings": { "type": "integer" },
"criticalFindings": { "type": "integer" }
}
},
"Azure": { "type": "object" },
"GCP": { "type": "object" }
}
},
"findingsByCategory": {
"type": "object",
"properties": {
"identity": { "type": "integer" },
"compute": { "type": "integer" },
"storage": { "type": "integer" },
"network": { "type": "integer" },
"encryption": { "type": "integer" },
"logging": { "type": "integer" }
}
},
"complianceStatus": {
"type": "object"
},
"topFindings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"cloud": { "type": "string" },
"category": { "type": "string" },
"severity": { "type": "string" },
"count": { "type": "integer" },
"description": { "type": "string" }
}
}
},
"remediationProgress": {
"type": "object",
"properties": {
"totalFindings": { "type": "integer" },
"remediated": { "type": "integer" },
"inProgress": { "type": "integer" },
"pending": { "type": "integer" },
"mttr": { "type": "string" }
}
},
"recommendations": {
"type": "array",
"items": { "type": "string" }
}
}
}
Usage Example
skill: {
name: 'multi-cloud-security-posture',
context: {
cloudProviders: ['AWS', 'Azure', 'GCP'],
awsAccounts: ['123456789012'],
azureSubscriptions: ['sub-id-1'],
gcpProjects: ['my-project'],
complianceFrameworks: ['CIS', 'SOC2'],
includeRemediationStatus: true
}
}
Related Skills
a5c-ai/model-card-generator
development
VerifiedTrustedCommunity
Model documentation skill for generating model cards following Google's model card framework.
680SKILL.mdUpdated Apr 28, 2026
a5c-ai/mlflow-experiment-tracker
development
VerifiedTrustedCommunity
MLflow integration skill for experiment tracking, model registry, and artifact management. Enables LLMs to log experiments, compare runs, manage model lifecycle, and retrieve artifacts through the MLflow API.
680SKILL.mdUpdated Apr 28, 2026
a5c-ai/lime-explainer
data-ai
VerifiedTrustedCommunity
LIME-based local explanation skill for individual predictions across tabular, text, and image data.
680SKILL.mdUpdated Apr 28, 2026
a5c-ai/kubeflow-pipeline-executor
devops
VerifiedTrustedCommunity
Kubeflow Pipelines skill for ML workflow orchestration, component management, and Kubernetes-native ML.
680SKILL.mdUpdated Apr 28, 2026