Skip to content

implement phase 2: add 8 new security skills#1

Merged
Vligai merged 1 commit into
mainfrom
claude/implement-next-phase-Hkby3
Mar 1, 2026
Merged

implement phase 2: add 8 new security skills#1
Vligai merged 1 commit into
mainfrom
claude/implement-next-phase-Hkby3

Conversation

@Vligai

@Vligai Vligai commented Mar 1, 2026

Copy link
Copy Markdown
Owner

Adds the next wave of security skills from the roadmap, expanding the
library from 10 to 18 skills across 5 categories.

High-priority additions:

  • Auth Flow Scaffolder: OAuth2/OIDC/JWT/session auth boilerplate with
    security-by-default patterns (PKCE, token rotation, HttpOnly cookies)
  • Dockerfile Security Linter: detects root execution, unverified images,
    hardcoded secrets, exposed ports, and bloated attack surfaces
  • Detection Rule Generator: produces Sigma, Splunk SPL, and KQL rules
    from threat descriptions with MITRE ATT&CK mapping and tuning guidance
  • IaC Scanner: reviews Terraform/CloudFormation for public S3 buckets,
    open security groups, unencrypted storage, and IAM over-permissiveness

Medium-priority additions:

  • SBOM Generator: SPDX 2.3 and CycloneDX 1.5 output with NTIA minimum
    elements, PURL generation, and license compliance analysis
  • CVE Analyzer: contextual impact assessment, affected version ranges,
    exploitability ratings, and prioritized remediation steps
  • Secure API Design Reviewer: OWASP API Top 10 checks against OpenAPI
    specs covering BOLA, auth gaps, data exposure, and rate limiting
  • PR Security Review Checklist: tailored checklists from diff descriptions
    with pre-review red flag detection and security test cases

Also adds a new 'team' skill category for engineering manager skills.
All 72 tests pass.

https://claude.ai/code/session_017WzGg2fxEvniAvQMBM8PEi

Adds the next wave of security skills from the roadmap, expanding the
library from 10 to 18 skills across 5 categories.

High-priority additions:
- Auth Flow Scaffolder: OAuth2/OIDC/JWT/session auth boilerplate with
  security-by-default patterns (PKCE, token rotation, HttpOnly cookies)
- Dockerfile Security Linter: detects root execution, unverified images,
  hardcoded secrets, exposed ports, and bloated attack surfaces
- Detection Rule Generator: produces Sigma, Splunk SPL, and KQL rules
  from threat descriptions with MITRE ATT&CK mapping and tuning guidance
- IaC Scanner: reviews Terraform/CloudFormation for public S3 buckets,
  open security groups, unencrypted storage, and IAM over-permissiveness

Medium-priority additions:
- SBOM Generator: SPDX 2.3 and CycloneDX 1.5 output with NTIA minimum
  elements, PURL generation, and license compliance analysis
- CVE Analyzer: contextual impact assessment, affected version ranges,
  exploitability ratings, and prioritized remediation steps
- Secure API Design Reviewer: OWASP API Top 10 checks against OpenAPI
  specs covering BOLA, auth gaps, data exposure, and rate limiting
- PR Security Review Checklist: tailored checklists from diff descriptions
  with pre-review red flag detection and security test cases

Also adds a new 'team' skill category for engineering manager skills.
All 72 tests pass.

https://claude.ai/code/session_017WzGg2fxEvniAvQMBM8PEi
@Vligai Vligai merged commit b9f1bed into main Mar 1, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants