implement phase 2: add 8 new security skills#1
Merged
Conversation
Adds the next wave of security skills from the roadmap, expanding the library from 10 to 18 skills across 5 categories. High-priority additions: - Auth Flow Scaffolder: OAuth2/OIDC/JWT/session auth boilerplate with security-by-default patterns (PKCE, token rotation, HttpOnly cookies) - Dockerfile Security Linter: detects root execution, unverified images, hardcoded secrets, exposed ports, and bloated attack surfaces - Detection Rule Generator: produces Sigma, Splunk SPL, and KQL rules from threat descriptions with MITRE ATT&CK mapping and tuning guidance - IaC Scanner: reviews Terraform/CloudFormation for public S3 buckets, open security groups, unencrypted storage, and IAM over-permissiveness Medium-priority additions: - SBOM Generator: SPDX 2.3 and CycloneDX 1.5 output with NTIA minimum elements, PURL generation, and license compliance analysis - CVE Analyzer: contextual impact assessment, affected version ranges, exploitability ratings, and prioritized remediation steps - Secure API Design Reviewer: OWASP API Top 10 checks against OpenAPI specs covering BOLA, auth gaps, data exposure, and rate limiting - PR Security Review Checklist: tailored checklists from diff descriptions with pre-review red flag detection and security test cases Also adds a new 'team' skill category for engineering manager skills. All 72 tests pass. https://claude.ai/code/session_017WzGg2fxEvniAvQMBM8PEi
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds the next wave of security skills from the roadmap, expanding the
library from 10 to 18 skills across 5 categories.
High-priority additions:
security-by-default patterns (PKCE, token rotation, HttpOnly cookies)
hardcoded secrets, exposed ports, and bloated attack surfaces
from threat descriptions with MITRE ATT&CK mapping and tuning guidance
open security groups, unencrypted storage, and IAM over-permissiveness
Medium-priority additions:
elements, PURL generation, and license compliance analysis
exploitability ratings, and prioritized remediation steps
specs covering BOLA, auth gaps, data exposure, and rate limiting
with pre-review red flag detection and security test cases
Also adds a new 'team' skill category for engineering manager skills.
All 72 tests pass.
https://claude.ai/code/session_017WzGg2fxEvniAvQMBM8PEi