Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

ggp1/internal/skills/catalog/clamav

Name: internal/skills/catalog/clamav
Author: ggp1

internal/skills/catalog/clamav/SKILL.md

npx skillsauth add ggp1/mitiga internal/skills/catalog/clamav

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

clamav — Antivirus Engine

License

GPLv2

Source

https://github.com/Cisco-Talos/clamav (Cisco Talos)

Purpose

Open-source antivirus engine for detecting trojans, viruses, malware, and other malicious payloads.

Use Cases

Scan files and directories for known malware signatures
Verify downloaded artifacts for malicious content
Periodic malware sweeps of critical directories
Incident response file analysis

Examples

# Recursive scan with infected-only output
clamscan --recursive --infected --log=clamscan.log /path/to/scan

# Scan a specific file
clamscan /path/to/suspicious_file

# Scan with no file size limit
clamscan --recursive --infected --max-filesize=0 --max-scansize=0 /path/to/scan

Safety Notes

Read-only scanning — does not modify or delete files by default.
Signature database updates (freshclam) require system manager approval as they involve network access.
Do not use --remove flag without explicit system manager approval.

ggp1/internal/skills/catalog/clamav

internal/skills/catalog/clamav/SKILL.md

# clamav — Antivirus Engine ## Category Malware & Rootkit Detection ## License GPLv2 ## Source https://github.com/Cisco-Talos/clamav (Cisco Talos) ## Purpose Open-source antivirus engine for detecting trojans, viruses, malware, and other malicious payloads. ## Use Cases - Scan files and directories for known malware signatures - Verify downloaded artifacts for malicious content - Periodic malware sweeps of critical directories - Incident response file analysis ## Examples ```bash # Recursi

development

Updated Apr 21, 2026

$ install --global

skillsauth

npx skillsauth add ggp1/mitiga internal/skills/catalog/clamav

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 21, 2026, 7:04 PM135.1s1 file scanned

SKILL.md

clamav — Antivirus Engine

License

GPLv2

Source

https://github.com/Cisco-Talos/clamav (Cisco Talos)

Purpose

Open-source antivirus engine for detecting trojans, viruses, malware, and other malicious payloads.

Use Cases

Scan files and directories for known malware signatures
Verify downloaded artifacts for malicious content
Periodic malware sweeps of critical directories
Incident response file analysis

Examples

# Recursive scan with infected-only output
clamscan --recursive --infected --log=clamscan.log /path/to/scan

# Scan a specific file
clamscan /path/to/suspicious_file

# Scan with no file size limit
clamscan --recursive --infected --max-filesize=0 --max-scansize=0 /path/to/scan

Safety Notes

Read-only scanning — does not modify or delete files by default.
Signature database updates (freshclam) require system manager approval as they involve network access.
Do not use --remove flag without explicit system manager approval.

Related Skills

ggp1/internal/skills/catalog/who

development

VerifiedTrustedCommunity

# who / w — Logged-in Users ## Category User & Group Management ## License GPLv3+ (GNU coreutils) / GPLv2 (procps-ng) ## Source Included in all Linux distributions. ## Purpose Show who is currently logged in and what they are doing. ## Use Cases - Detect unauthorized active sessions - Monitor interactive logins in real-time - Identify login sources (IP, terminal) - Review idle times for active sessions ## Examples ```bash # All login information who -a # Currently logged-in users with act

SKILL.mdUpdated Apr 21, 2026

ggp1/internal/skills/catalog/who

ggp1/internal/skills/catalog/useradd

development

VerifiedTrustedCommunity

# useradd / usermod / userdel — User Account Management ## Category User & Group Management ## License BSD-3-Clause (shadow-utils) ## Source https://github.com/shadow-maint/shadow (included in all Linux distributions) ## Purpose Create, modify, and delete user accounts. ## Use Cases - Create service accounts for Mitiga components - Modify user group memberships - Disable or remove compromised accounts - Audit account configurations ## Examples ```bash # Create a system service account (no

SKILL.mdUpdated Apr 21, 2026

ggp1/internal/skills/catalog/useradd

ggp1/internal/skills/catalog/ufw

development

VerifiedTrustedCommunity

# ufw — Uncomplicated Firewall ## Category System Hardening ## License GPLv3 ## Source https://code.launchpad.net/ufw (included in Ubuntu/Debian) ## Purpose Simplified interface for managing iptables/nftables rules. ## Use Cases - Quick firewall status checks - Rule modifications on systems using ufw - Block malicious sources during incident response ## Examples ```bash # Show firewall status and rules ufw status verbose # Block a malicious IP ufw deny from <malicious_ip> # Allow a speci

SKILL.mdUpdated Apr 21, 2026

ggp1/internal/skills/catalog/ufw

ggp1/internal/skills/catalog/trivy

development

VerifiedTrustedCommunity

# trivy — Comprehensive Vulnerability Scanner ## Category Vulnerability Scanning ## License Apache 2.0 ## Source https://github.com/aquasecurity/trivy (CNCF project) ## Purpose Scan filesystems, container images, Git repositories, and IaC configurations for known vulnerabilities (CVEs), misconfigurations, and exposed secrets. ## Use Cases - Audit project dependencies for known CVEs - Scan configuration files for misconfigurations - Detect embedded secrets in repositories - Scan container im

SKILL.mdUpdated Apr 21, 2026

ggp1/internal/skills/catalog/trivy

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/ggp1/mitiga.git

# Copy into Claude Code skills folder (global)
cp -r mitiga/internal/skills/catalog/clamav ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

ggp1/mitiga

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT