internal/skills/catalog/coreutils/SKILL.md
# coreutils — General System Utilities

## Category
General System Utilities

## License
GPLv2/GPLv3+ (GNU coreutils, util-linux, procps-ng)

## Source
- https://github.com/coreutils/coreutils
- https://github.com/util-linux/util-linux
- https://gitlab.com/procps-ng/procps

Included in every Linux distribution.

## Purpose
Standard GNU/Linux utilities used as building blocks in agent operations — file inspection, text processing, system information gathering.

## Tools

### File & Text Processin
```bash
npx skillsauth add ggp1/mitiga internal/skills/catalog/coreutils
```

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status.
| Tool | Purpose | Example |
|---|---|---|
| cat | Read file contents | cat /etc/os-release |
| head | Read beginning of files | head -n 50 /var/log/auth.log |
| tail | Read end of files | tail -n 100 /var/log/auth.log |
| grep | Pattern matching in text | grep -r "PermitRootLogin" /etc/ssh/ |
| awk | Text processing and field extraction | awk -F: '$3==0 {print $1}' /etc/passwd |
| sed | Stream editing | sed -n '/Failed password/p' /var/log/auth.log |
| wc | Line/word/byte counting | wc -l /var/log/auth.log |
| diff | File comparison | diff /etc/ssh/sshd_config sshd_config.baseline |
| sort | Sort lines | sort -rn access.log |
| uniq | Deduplicate adjacent lines | sort access.log \| uniq -c \| sort -rn |
| cut | Field extraction | cut -d: -f1 /etc/passwd |
| file | File type identification | file /usr/local/bin/mitiga |
| ldd | Shared library dependencies | ldd /usr/local/bin/suspicious_binary |

| Tool | Purpose | Example |
|---|---|---|
| uname | System and kernel information | uname -a |
| hostname | System hostname | hostname -f |
| date | Timestamps | date -u +%Y-%m-%dT%H:%M:%SZ |
| uptime | System uptime and load | uptime |
| free | Memory usage | free -h |
| df | Disk usage (filesystem level) | df -h |
| du | Disk usage (directory level) | du -sh /var/log/* |
| mount | Mounted filesystems | mount \| grep -E 'nosuid\|noexec' |
| env | Environment variables | env \| grep MITIGA_ |
| dmesg | Kernel ring buffer | dmesg -T --level=err,warn |

- sed with -i (in-place editing) modifies files — avoid unless explicitly authorized.
- ldd should not be run on untrusted binaries (it may execute them); use objdump -p as a safer alternative for unknown binaries.
- awk, sed with system calls).
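
The awk, sort and uniq rows in the table above compose into a triage pipeline. As an added example (not part of the original skill file), the script below counts failed sshd password attempts per source and lists sources whose failures were followed by an accepted login. It assumes the traditional syslog line layout; `SAMPLE_LOG` and both function names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: sshd auth-log triage built from awk, sort and uniq.
# Assumes traditional syslog lines: "Mon DD HH:MM:SS host sshd[pid]: message".
# SAMPLE_LOG is constructed data using documentation address ranges.
SAMPLE_LOG='Mar 10 08:15:01 web1 sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar 10 08:15:04 web1 sshd[1202]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Mar 10 08:15:09 web1 sshd[1203]: Failed password for invalid user test user from 203.0.113.5 port 51240 ssh2
Mar 10 08:16:00 web1 CRON[1300]: pam_unix(cron:session): session opened for user root
Mar 10 08:17:11 web1 sshd[1204]: Failed password for alice from 198.51.100.7 port 40022 ssh2
Mar 10 08:17:15 web1 sshd[1205]: Failed password for alice from 198.51.100.7 port 40030 ssh2
Mar 10 08:17:21 web1 sshd[1206]: Accepted password for alice from 198.51.100.7 port 40041 ssh2
Mar 10 08:20:00 web1 sshd[1210]: Accepted publickey for deploy from 192.0.2.10 port 55000 ssh2: ED25519 SHA256:CONSTRUCTED'

# Print "count address" for failed password attempts, busiest source first.
# The address is read relative to the END of the line ("from ADDR port N ssh2"):
# the username is chosen by the remote client, and "invalid user" or embedded
# spaces shift the leading field positions, so a fixed $11 would misparse.
failed_by_source() {
    awk '$5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Failed" && $7 == "password" &&
         $(NF-4) == "from" && $(NF-2) == "port" { print $(NF-3) }' |
      sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# Print "address failures user" for each accepted login from a source that
# already had at least $1 (default 2) failed attempts earlier in the stream.
# Accepted lines name an existing account, which normally contains no spaces,
# so the leading field positions hold there.
success_after_failures() {
    awk -v min="${1:-2}" '
        $5 !~ /^sshd\[[0-9]+\]:$/ { next }
        $6 == "Failed" && $7 == "password" && $(NF-4) == "from" { fails[$(NF-3)]++ }
        $6 == "Accepted" && $10 == "from" && fails[$11] >= min { print $11, fails[$11], $9 }'
}

printf '%s\n' "$SAMPLE_LOG" | failed_by_source
printf '%s\n' "$SAMPLE_LOG" | success_after_failures 2
```

Both functions read standard input, so the same calls work on a real log with `failed_by_source < /var/log/auth.log`.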