security/operations/security-automation/SKILL.md
Automate security workflows and remediation. Build security pipelines, automate compliance checks, and implement SOAR capabilities. Use when scaling security operations or implementing DevSecOps.
Automate security operations for scale and efficiency.
```yaml
# .github/workflows/security.yml
name: Security Pipeline
on: [push, pull_request]

permissions:
  contents: read   # least privilege: the scanners only need to read the checkout

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # full history, so secret scanning covers past commits and not just HEAD
      - name: Secret Scanning
        uses: trufflesecurity/trufflehog@main   # pin to a release tag in production
        with:
          extra_args: --only-verified
      - name: SAST
        # returntocorp/semgrep-action is archived; run the CLI directly instead
        run: |
          pip install semgrep
          semgrep scan --config auto --error
      - name: Dependency Scan
        run: npm audit --audit-level=high
      - name: Container Scan
        uses: aquasecurity/trivy-action@0.28.0
        with:
          scan-type: 'fs'
          scan-ref: '.'
          severity: 'CRITICAL,HIGH'
          exit-code: '1'   # fail the job on findings instead of only reporting them
      - name: Compliance Check
        run: |
          pip install checkov
          checkov -d . --framework terraform
```
```python
# Auto-remediation script
import boto3


def remediate_public_s3(bucket_name):
    """Remove public access from an S3 bucket by enabling all four Public
    Access Block settings. Idempotent: re-running on an already blocked bucket
    is a no-op. Note that this blocks the effect of public ACLs and policies
    rather than deleting them, so the bucket stays private even if someone
    later re-adds a public grant. The calling role needs only
    s3:PutBucketPublicAccessBlock on the buckets it remediates."""
    s3 = boto3.client('s3')
    s3.put_public_access_block(
        Bucket=bucket_name,
        PublicAccessBlockConfiguration={
            'BlockPublicAcls': True,
            'IgnorePublicAcls': True,
            'BlockPublicPolicy': True,
            'RestrictPublicBuckets': True
        }
    )
```
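A production auto-remediation needs more than the single API call above: it should read the current state first, support a dry run, verify that the change actually applied, and leave an audit record. The following is an added example, not the skill's own code. It takes the S3 client as a parameter so the logic can be exercised offline against the in-memory `FakeS3` stand-in defined at the bottom (constructed for this example); in production pass `boto3.client("s3")`. Bucket names are made up.

```python
"""Guarded S3 public-access remediation: read, (dry-run), apply, verify, record."""

FULL_BLOCK = {
    "BlockPublicAcls": True,
    "IgnorePublicAcls": True,
    "BlockPublicPolicy": True,
    "RestrictPublicBuckets": True,
}


def current_block(s3, bucket):
    """Return the bucket's PublicAccessBlock config, or {} if none is set.

    boto3 raises a ClientError with Code NoSuchPublicAccessBlockConfiguration
    when nothing is configured. We match on the error code (exc.response), not
    the exception class, so the FakeS3 below can raise a plain Exception with
    the same shape; any other error is re-raised untouched.
    """
    try:
        resp = s3.get_public_access_block(Bucket=bucket)
    except Exception as exc:  # filtered by error code below
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code == "NoSuchPublicAccessBlockConfiguration":
            return {}
        raise
    return resp["PublicAccessBlockConfiguration"]


def remediate_public_s3(s3, bucket, dry_run=False):
    """Enable every Public Access Block setting that is missing and verify it.

    Returns an audit record; raises RuntimeError if the write did not take
    effect (for example because a bucket policy or SCP rejected it).
    """
    before = current_block(s3, bucket)
    missing = [k for k, v in FULL_BLOCK.items() if v and not before.get(k)]
    record = {"bucket": bucket, "before": before, "missing": missing,
              "changed": False, "verified": False, "dry_run": dry_run}
    if not missing:                 # already fully blocked: nothing to do
        record["verified"] = True
        return record
    if dry_run:                     # report what would change, touch nothing
        return record
    s3.put_public_access_block(Bucket=bucket,
                               PublicAccessBlockConfiguration=FULL_BLOCK)
    after = current_block(s3, bucket)   # re-read instead of trusting the call
    record["changed"] = True
    record["verified"] = all(after.get(k) for k in FULL_BLOCK)
    if not record["verified"]:
        raise RuntimeError(f"remediation of {bucket} did not apply: {after}")
    return record


class FakeS3:
    """In-memory stand-in for boto3's S3 client (only the two calls used here).
    Constructed for this example so it runs without AWS credentials."""

    def __init__(self, configs):
        self.configs = dict(configs)

    def get_public_access_block(self, Bucket):
        if Bucket not in self.configs:
            err = Exception("NoSuchPublicAccessBlockConfiguration")
            err.response = {"Error": {"Code": "NoSuchPublicAccessBlockConfiguration"}}
            raise err
        return {"PublicAccessBlockConfiguration": dict(self.configs[Bucket])}

    def put_public_access_block(self, Bucket, PublicAccessBlockConfiguration):
        self.configs[Bucket] = dict(PublicAccessBlockConfiguration)


if __name__ == "__main__":
    fake = FakeS3({"partially-blocked-bucket": {"BlockPublicAcls": True}})
    print(remediate_public_s3(fake, "partially-blocked-bucket", dry_run=True))
    print(remediate_public_s3(fake, "partially-blocked-bucket"))
```

The dry-run path is what you wire to a ticket or chat notification before flipping a playbook to fully automatic; the verification re-read is what turns "I called the API" into "the bucket is now blocked" in the audit trail.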
```yaml
# SOAR playbook (illustrative schema)
playbook:
  name: Suspicious Login Response
  trigger: alert.type == "suspicious_login"
  actions:
    - enrich_ip:
        source: threat_intel
    - if_condition: ip.is_malicious
      then:
        - block_ip:
            firewall: cloudflare
        - disable_user:
            duration: 1h
    - notify:
        channel: security
    - create_ticket:
        priority: high
```
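The playbook above is only useful once something evaluates the trigger, runs the enrichment, and branches on its result. The following is an added example of such a runner, not part of the original skill or any particular SOAR product. It mirrors the YAML as a Python dict (so it runs without PyYAML), parses conditions with a small whitelist grammar instead of `eval()` so that alert fields or a tampered playbook can never execute code, and dispatches actions to hypothetical handlers that merely record what they were asked to do. The threat-intel table and the alerts are constructed; the IPs come from documentation ranges.

```python
"""Minimal SOAR playbook runner with a safe condition evaluator."""
import re

# Mirrors the YAML playbook above (constructed as a dict for this example).
PLAYBOOK = {
    "name": "Suspicious Login Response",
    "trigger": 'alert.type == "suspicious_login"',
    "actions": [
        {"enrich_ip": {"source": "threat_intel"}},
        {"if_condition": "ip.is_malicious", "then": [
            {"block_ip": {"firewall": "cloudflare"}},
            {"disable_user": {"duration": "1h"}},
        ]},
        {"notify": {"channel": "security"}},
        {"create_ticket": {"priority": "high"}},
    ],
}

# Grammar: `path`, `path == "literal"` or `path != "literal"`. Anything else is
# rejected, which is the point: never eval() a string that came from a playbook.
_COND = re.compile(r'^\s*([A-Za-z_][\w.]*)\s*(?:(==|!=)\s*"([^"]*)")?\s*$')


def lookup(ctx, path):
    """Resolve a dotted path such as alert.type against nested dicts (None if absent)."""
    cur = ctx
    for part in path.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def evaluate(cond, ctx):
    m = _COND.match(cond)
    if not m:
        raise ValueError(f"unsupported condition syntax: {cond!r}")
    path, op, literal = m.groups()
    value = lookup(ctx, path)
    if op is None:
        return bool(value)
    return value == literal if op == "==" else value != literal


def run_playbook(playbook, alert, handlers):
    """Run the playbook against one alert; returns the action names executed, in order."""
    ctx = {"alert": alert}
    executed = []
    if not evaluate(playbook["trigger"], ctx):
        return executed

    def run_actions(actions):
        for step in actions:
            if "if_condition" in step:
                branch = "then" if evaluate(step["if_condition"], ctx) else "else"
                run_actions(step.get(branch, []))
                continue
            (name, params), = step.items()
            if name not in handlers:
                raise KeyError(f"no handler registered for action {name!r}")
            result = handlers[name](ctx, **params)
            if isinstance(result, dict):
                ctx.update(result)  # enrichment output becomes visible to later conditions
            executed.append(name)

    run_actions(playbook["actions"])
    return executed


# Constructed threat-intel table (TEST-NET-3 address) and hypothetical handlers
# standing in for real firewall, IdP, chat and ticketing integrations.
KNOWN_BAD = {"203.0.113.7"}


def enrich_ip(ctx, source):
    ip = ctx["alert"].get("source_ip")
    return {"ip": {"address": ip, "is_malicious": ip in KNOWN_BAD, "source": source}}


def demo_handlers(log):
    def record(name):
        def handler(ctx, **params):
            log.append((name, params))
        return handler
    return {"enrich_ip": enrich_ip,
            **{n: record(n) for n in ("block_ip", "disable_user", "notify", "create_ticket")}}


def respond(alert):
    """Run the page's playbook on one alert with the demo handlers."""
    return run_playbook(PLAYBOOK, alert, demo_handlers([]))


if __name__ == "__main__":
    print(respond({"type": "suspicious_login", "user": "alice", "source_ip": "203.0.113.7"}))
```

Because enrichment results are merged into the shared context, `ip.is_malicious` in the condition refers to what `enrich_ip` returned a step earlier; a benign IP skips the block/disable branch but still notifies and opens a ticket, and an alert of another type never fires the playbook at all.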
```python
# Checkov custom check
from checkov.common.models.enums import CheckCategories, CheckResult
from checkov.terraform.checks.resource.base_resource_check import BaseResourceCheck

class S3Encryption(BaseResourceCheck):
    def __init__(self):
        name = "Ensure S3 bucket has encryption enabled"
        id = "CUSTOM_S3_1"
        supported_resources = ['aws_s3_bucket']
        categories = [CheckCategories.ENCRYPTION]
        super().__init__(name=name, id=id, categories=categories, supported_resources=supported_resources)

    def scan_resource_conf(self, conf):
        # Sees only the inline block; with AWS provider >= 4 encryption usually lives in a
        # separate aws_s3_bucket_server_side_encryption_configuration resource, which needs a graph check.
        if 'server_side_encryption_configuration' in conf:
            return CheckResult.PASSED
        return CheckResult.FAILED

check = S3Encryption()  # module-level instance registers the check (load via --external-checks-dir)
```