agentsecops/skill-name
skills/_template/SKILL.md
[REQUIRED] Comprehensive description of what this skill does and when to use it. Include: (1) Primary functionality, (2) Specific use cases, (3) Security operations context. Must include specific "Use when:" clause for skill discovery. Example: "SAST vulnerability analysis and remediation guidance using Semgrep and industry security standards. Use when: (1) Analyzing static code for security vulnerabilities, (2) Prioritizing security findings by severity, (3) Providing secure coding remediation, (4) Integrating security checks into CI/CD pipelines." Maximum 1024 characters.
$ install --global
skillsauthnpx skillsauth add agentsecops/secopsagentkit skill-nameInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 30, 2026, 4:54 PM57.0s5 files scanned
SKILL.md
- name:
- skill-name
- description:
- >
- Include:
- (1) Primary functionality, (2) Specific use cases, (3) Security operations context.
- Must include specific "Use when:
- clause for skill discovery.
- Example:
- SAST vulnerability analysis and remediation guidance using Semgrep and industry
- security standards. Use when:
- (1) Analyzing static code for security vulnerabilities,
- version:
- 0.1.0
- maintainer:
- your-github-username
- category:
- [appsec|devsecops|secsdlc|threatmodel|compliance|incident-response]
- tags:
- [relevant, security, tags]
- frameworks:
- [OWASP|CWE|MITRE-ATT&CK|NIST|SOC2]
<!--
PROGRESSIVE DISCLOSURE GUIDELINES:
- Keep this SKILL.md file under 500 lines
- Only include core workflows and common patterns here
- Move detailed content to references/ directory
- Link clearly to when references should be consulted
- See: references/WORKFLOW_CHECKLIST.md for workflow pattern examples
- Challenge every sentence: "Does Claude really need this?"
-->
Scripts (
References (
Assets (
Skill Name
Overview
Brief overview of what this skill provides and its security operations context.
Quick Start
Provide the minimal example to get started immediately:
# Example command or workflow
tool-name --option value
Core Workflow
Sequential Workflow
For straightforward step-by-step operations:
- First action with specific command or operation
- Second action with expected output or validation
- Third action with decision points if needed
Workflow Checklist (for complex operations)
For complex multi-step operations, use a checkable workflow:
Progress: [ ] 1. Initial setup and configuration [ ] 2. Run primary security scan or analysis [ ] 3. Review findings and classify by severity [ ] 4. Apply remediation patterns [ ] 5. Validate fixes with re-scan [ ] 6. Document findings and generate report
Work through each step systematically. Check off completed items.
For more workflow patterns, see references/WORKFLOW_CHECKLIST.md
Feedback Loop Pattern (for validation)
When validation and iteration are needed:
- Generate initial output (configuration, code, etc.)
- Run validation:
./scripts/validator_example.py output.yaml - Review validation errors and warnings
- Fix identified issues
- Repeat steps 2-4 until validation passes
- Apply the validated output
Note: Move detailed validation criteria to references/ if complex.
Security Considerations
- Sensitive Data Handling: Guidance on handling secrets, credentials, PII
- Access Control: Required permissions and authorization contexts
- Audit Logging: What should be logged for security auditing
- Compliance: Relevant compliance requirements (SOC2, GDPR, etc.)
Bundled Resources
Scripts (scripts/)
Executable scripts for deterministic operations. Use scripts for low-freedom operations requiring consistency.
example_script.py- Python script template with argparse, error handling, and JSON outputexample_script.sh- Bash script template with argument parsing and colored outputvalidator_example.py- Validation script demonstrating feedback loop pattern
When to use scripts:
- Deterministic operations that must be consistent
- Complex parsing or data transformation
- Validation and quality checks
References (references/)
On-demand documentation loaded when needed. Keep SKILL.md concise by moving detailed content here.
EXAMPLE.md- Template for reference documentation with security standards sectionsWORKFLOW_CHECKLIST.md- Multiple workflow pattern examples (sequential, conditional, iterative, feedback loop)
When to use references:
- Detailed framework mappings (OWASP, CWE, MITRE ATT&CK)
- Advanced configuration options
- Language-specific patterns
- Content exceeding 100 lines
Assets (assets/)
Templates and configuration files used in output (not loaded into context). These are referenced but not read until needed.
ci-config-template.yml- Security-enhanced CI/CD pipeline with SAST, dependency scanning, secrets detectionrule-template.yaml- Security rule template with OWASP/CWE mappings and remediation guidance
When to use assets:
- Configuration templates
- Policy templates
- Boilerplate secure code
- CI/CD pipeline examples
Common Patterns
Pattern 1: [Pattern Name]
Description and example of common usage pattern.
Pattern 2: [Pattern Name]
Additional patterns as needed.
Integration Points
- CI/CD: How this integrates with build pipelines
- Security Tools: Compatible security scanning/monitoring tools
- SDLC: Where this fits in the secure development lifecycle
Troubleshooting
Issue: [Common Problem]
Solution: Steps to resolve.
References
- Tool Documentation
- Security Framework
- Compliance Standard
Related Skills
agentsecops/privesc-linpeas
testing
VerifiedTrustedCommunity
Linux privilege escalation enumeration and attack surface analysis using LinPEAS (Linux Privilege Escalation Awesome Script). Automates post-exploitation discovery of escalation vectors, misconfigurations, and credential exposure on Linux targets. Use when: (1) Enumerating privilege escalation vectors after initial access on a Linux system, (2) Identifying SUID/SGID binaries, sudo misconfigurations, and capability abuses, (3) Hunting for credentials in config files, history, and logs, (4) Detecting container breakout opportunities and writable service files, (5) Mapping kernel exploits and CVE exposure for a target system, (6) Conducting authorized CTF, red team, or penetration test post-exploitation phases.
110SKILL.mdUpdated Apr 16, 2026
agentsecops/ot-security-assessment
development
VerifiedTrustedCommunity
Operational Technology (OT) security assessment using a two-stage methodology: (1) Identification/Discovery of OT devices and protocols, and (2) Vulnerability Assessment using online sources and Metasploit. Use when: (1) Conducting authorized OT/ICS security assessments, (2) Identifying and enumerating OT protocols (Modbus, S7, IEC 104, DNP3, BACnet, EtherNet/IP), (3) Discovering industrial control devices and PLCs, (4) Assessing OT protocol vulnerabilities and security weaknesses, (5) Performing compliance scanning aligned with IEC 62443 standards, (6) Validating network segmentation and access controls in OT environments.
110SKILL.mdUpdated Apr 16, 2026
agentsecops/vuln-defectdojo
tools
VerifiedTrustedCommunity
Vulnerability management and findings aggregation using DefectDojo. Centralizes security findings from all SecOpsAgentKit scanners (Semgrep, Bandit, ZAP, Trivy, Grype, Gitleaks, Nuclei, Checkov, Horusec) into a unified platform with automatic deduplication, SLA tracking, risk-based prioritization, and compliance reporting. Use when: (1) Aggregating findings from multiple scanners across products and pipelines, (2) Tracking remediation status and SLA compliance against policy thresholds, (3) Deduplicating overlapping findings across security tools, (4) Generating vulnerability reports for compliance audits (SOC2, PCI-DSS, GDPR), (5) Managing security debt and vulnerability backlog across teams and applications.
110SKILL.mdUpdated Apr 16, 2026
agentsecops/pytm
tools
VerifiedTrustedCommunity
Python-based threat modeling using pytm library for programmatic STRIDE analysis, data flow diagram generation, and automated security threat identification. Use when: (1) Creating threat models programmatically using Python code, (2) Generating data flow diagrams (DFDs) with automatic STRIDE threat identification, (3) Integrating threat modeling into CI/CD pipelines and shift-left security practices, (4) Analyzing system architecture for security threats across trust boundaries, (5) Producing threat reports with STRIDE categories and mitigation recommendations, (6) Maintaining threat models as code for version control and automation.
82SKILL.mdUpdated Mar 27, 2026