Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

a5c-ai/security-hardening

Name: security-hardening
Author: a5c-ai

library/methodologies/ruflo/skills/security-hardening/SKILL.md

npx skillsauth add a5c-ai/babysitter security-hardening

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Security Hardening

Overview

Multi-layered security audit pipeline implementing the AIDefence architecture. Protects against prompt injection, path traversal, and other attack vectors while ensuring compliance with security best practices.

When to Use

Before deploying code to production
When processing untrusted inputs
Security audits of agent-generated code
Compliance verification (OWASP Top 10, CIS)

AIDefence Layers

Prompt Injection Detection - Pattern + heuristic blocking
Input Validation - Path traversal, type coercion, parameter sanitization
Static Analysis (SAST) - Vulnerability scanning, CWE matching
Sandboxed Execution - Network isolation, filesystem restrictions, resource limits
Output Sanitization - Secrets, PII, injection vector redaction

Security Levels

| Level | Layers | Use Case | |-------|--------|----------| | standard | SAST + validation + sanitization | Routine audits | | elevated | + threat modeling + compliance | Pre-release audits | | maximum | + sandbox + full STRIDE + remediation | Critical systems |

Agents Used

agents/security-auditor/ - Vulnerability detection
agents/reviewer/ - Code quality verification

Tool Use

Invoke via babysitter process: methodologies/ruflo/ruflo-security-audit

a5c-ai/security-hardening

library/methodologies/ruflo/skills/security-hardening/SKILL.md

AIDefence security layer with prompt injection blocking, input validation, sandboxed execution, output sanitization, and STRIDE threat modeling.

510 stars

testing

Updated Mar 31, 2026

$ install --global

skillsauth

npx skillsauth add a5c-ai/babysitter security-hardening

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 1, 2026, 12:19 PM60.7s2 files scanned

SKILL.md

name:: security-hardening
description:: AIDefence security layer with prompt injection blocking, input validation, sandboxed execution, output sanitization, and STRIDE threat modeling.
allowed-tools:: Read, Write, Edit, Bash, Grep, Glob, WebFetch, WebSearch, Agent, AskUserQuestion

Security Hardening

Overview

When to Use

Before deploying code to production
When processing untrusted inputs
Security audits of agent-generated code
Compliance verification (OWASP Top 10, CIS)

AIDefence Layers

Prompt Injection Detection - Pattern + heuristic blocking
Input Validation - Path traversal, type coercion, parameter sanitization
Static Analysis (SAST) - Vulnerability scanning, CWE matching
Sandboxed Execution - Network isolation, filesystem restrictions, resource limits
Output Sanitization - Secrets, PII, injection vector redaction

Security Levels

Agents Used

agents/security-auditor/ - Vulnerability detection
agents/reviewer/ - Code quality verification

Tool Use

Invoke via babysitter process: methodologies/ruflo/ruflo-security-audit

Related Skills

a5c-ai/model-card-generator

development

VerifiedTrustedCommunity

Model documentation skill for generating model cards following Google's model card framework.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/model-card-generator

a5c-ai/mlflow-experiment-tracker

development

VerifiedTrustedCommunity

MLflow integration skill for experiment tracking, model registry, and artifact management. Enables LLMs to log experiments, compare runs, manage model lifecycle, and retrieve artifacts through the MLflow API.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/mlflow-experiment-tracker

a5c-ai/lime-explainer

data-ai

VerifiedTrustedCommunity

LIME-based local explanation skill for individual predictions across tabular, text, and image data.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/lime-explainer

a5c-ai/kubeflow-pipeline-executor

devops

VerifiedTrustedCommunity

Kubeflow Pipelines skill for ML workflow orchestration, component management, and Kubernetes-native ML.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/kubeflow-pipeline-executor

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/a5c-ai/babysitter.git

# Copy into Claude Code skills folder (global)
cp -r babysitter/library/methodologies/ruflo/skills/security-hardening ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

a5c-ai/babysitter

510 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT