ggp1/internal/skills/catalog/chown
internal/skills/catalog/chown/SKILL.md
# chown — File Ownership Management ## Category System Hardening ## License GPLv3+ (GNU coreutils) ## Source https://github.com/coreutils/coreutils (included in all Linux distributions) ## Purpose Change file and directory ownership (user and group). Companion to `chmod` — together they provide complete file access control. ## Use Cases - Restore correct ownership on system files tampered by an attacker - Set ownership on newly created configuration files - Ensure sensitive files (shadow, S
development
Updated Apr 21, 2026
$ install --global
skillsauthnpx skillsauth add ggp1/mitiga internal/skills/catalog/chownInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 21, 2026, 7:03 PM118.6s1 file scanned
SKILL.md
chown — File Ownership Management
Category
System Hardening
License
GPLv3+ (GNU coreutils)
Source
https://github.com/coreutils/coreutils (included in all Linux distributions)
Purpose
Change file and directory ownership (user and group). Companion to chmod — together they provide complete file access control.
Use Cases
- Restore correct ownership on system files tampered by an attacker
- Set ownership on newly created configuration files
- Ensure sensitive files (shadow, SSH keys, TLS certs) are owned by the correct user/group
- Audit and remediate ownership drift from security baselines
Examples
# Set correct ownership on shadow file
chown mitiga:shadow /etc/shadow
# Fix SSH directory ownership
chown -R mitiga:mitiga /etc/ssh/
# Set ownership on TLS certificates
chown mitiga:ssl-cert /etc/ssl/private/mitiga.key
# Verify current ownership before changing (use stat first)
stat -c '%U:%G %a %n' /etc/shadow
chown mitiga:shadow /etc/shadow
# Recursively fix ownership on a config directory
chown -R mitiga:mitiga /etc/mitiga/
Safety Notes
- All ownership changes require explicit system manager approval unless correcting a known-bad state detected during hardening.
- Always verify current ownership with
statbefore modifying. Log the before-and-after state. - Incorrect ownership can break services, prevent logins, or create privilege escalation vectors.
- Use
-R(recursive) with extreme caution — verify the target path is correct. - Never change ownership of running system binaries without a restart plan.
Related Skills
ggp1/internal/skills/catalog/who
development
VerifiedTrustedCommunity
# who / w — Logged-in Users ## Category User & Group Management ## License GPLv3+ (GNU coreutils) / GPLv2 (procps-ng) ## Source Included in all Linux distributions. ## Purpose Show who is currently logged in and what they are doing. ## Use Cases - Detect unauthorized active sessions - Monitor interactive logins in real-time - Identify login sources (IP, terminal) - Review idle times for active sessions ## Examples ```bash # All login information who -a # Currently logged-in users with act
SKILL.mdUpdated Apr 21, 2026
ggp1/internal/skills/catalog/useradd
development
VerifiedTrustedCommunity
# useradd / usermod / userdel — User Account Management ## Category User & Group Management ## License BSD-3-Clause (shadow-utils) ## Source https://github.com/shadow-maint/shadow (included in all Linux distributions) ## Purpose Create, modify, and delete user accounts. ## Use Cases - Create service accounts for Mitiga components - Modify user group memberships - Disable or remove compromised accounts - Audit account configurations ## Examples ```bash # Create a system service account (no
SKILL.mdUpdated Apr 21, 2026
ggp1/internal/skills/catalog/ufw
development
VerifiedTrustedCommunity
# ufw — Uncomplicated Firewall ## Category System Hardening ## License GPLv3 ## Source https://code.launchpad.net/ufw (included in Ubuntu/Debian) ## Purpose Simplified interface for managing iptables/nftables rules. ## Use Cases - Quick firewall status checks - Rule modifications on systems using ufw - Block malicious sources during incident response ## Examples ```bash # Show firewall status and rules ufw status verbose # Block a malicious IP ufw deny from <malicious_ip> # Allow a speci
SKILL.mdUpdated Apr 21, 2026
ggp1/internal/skills/catalog/trivy
development
VerifiedTrustedCommunity
# trivy — Comprehensive Vulnerability Scanner ## Category Vulnerability Scanning ## License Apache 2.0 ## Source https://github.com/aquasecurity/trivy (CNCF project) ## Purpose Scan filesystems, container images, Git repositories, and IaC configurations for known vulnerabilities (CVEs), misconfigurations, and exposed secrets. ## Use Cases - Audit project dependencies for known CVEs - Scan configuration files for misconfigurations - Detect embedded secrets in repositories - Scan container im
SKILL.mdUpdated Apr 21, 2026