158 lines
5.0 KiB
Markdown
158 lines
5.0 KiB
Markdown
---
|
|
name: skill-name
|
|
description: >
|
|
[REQUIRED] Comprehensive description of what this skill does and when to use it.
|
|
Include: (1) Primary functionality, (2) Specific use cases, (3) Security operations context.
|
|
Must include specific "Use when:" clause for skill discovery.
|
|
Example: "SAST vulnerability analysis and remediation guidance using Semgrep and industry
|
|
security standards. Use when: (1) Analyzing static code for security vulnerabilities,
|
|
(2) Prioritizing security findings by severity, (3) Providing secure coding remediation,
|
|
(4) Integrating security checks into CI/CD pipelines."
|
|
Maximum 1024 characters.
|
|
version: 0.1.0
|
|
maintainer: your-github-username
|
|
category: [appsec|devsecops|secsdlc|threatmodel|compliance|incident-response]
|
|
tags: [relevant, security, tags]
|
|
frameworks: [OWASP|CWE|MITRE-ATT&CK|NIST|SOC2]
|
|
---
|
|
|
|
<!--
|
|
PROGRESSIVE DISCLOSURE GUIDELINES:
|
|
- Keep this SKILL.md file under 500 lines
|
|
- Only include core workflows and common patterns here
|
|
- Move detailed content to references/ directory
|
|
- Link clearly to when references should be consulted
|
|
- See: references/WORKFLOW_CHECKLIST.md for workflow pattern examples
|
|
- Challenge every sentence: "Does Claude really need this?"
|
|
-->
|
|
|
|
# Skill Name
|
|
|
|
## Overview
|
|
|
|
Brief overview of what this skill provides and its security operations context.
|
|
|
|
## Quick Start
|
|
|
|
Provide the minimal example to get started immediately:
|
|
|
|
```bash
|
|
# Example command or workflow
|
|
tool-name --option value
|
|
```
|
|
|
|
## Core Workflow
|
|
|
|
### Sequential Workflow
|
|
|
|
For straightforward step-by-step operations:
|
|
|
|
1. First action with specific command or operation
|
|
2. Second action with expected output or validation
|
|
3. Third action with decision points if needed
|
|
|
|
### Workflow Checklist (for complex operations)
|
|
|
|
For complex multi-step operations, use a checkable workflow:
|
|
|
|
Progress:
|
|
[ ] 1. Initial setup and configuration
|
|
[ ] 2. Run primary security scan or analysis
|
|
[ ] 3. Review findings and classify by severity
|
|
[ ] 4. Apply remediation patterns
|
|
[ ] 5. Validate fixes with re-scan
|
|
[ ] 6. Document findings and generate report
|
|
|
|
Work through each step systematically. Check off completed items.
|
|
|
|
**For more workflow patterns**, see [references/WORKFLOW_CHECKLIST.md](references/WORKFLOW_CHECKLIST.md)
|
|
|
|
### Feedback Loop Pattern (for validation)
|
|
|
|
When validation and iteration are needed:
|
|
|
|
1. Generate initial output (configuration, code, etc.)
|
|
2. Run validation: `./scripts/validator_example.py output.yaml`
|
|
3. Review validation errors and warnings
|
|
4. Fix identified issues
|
|
5. Repeat steps 2-4 until validation passes
|
|
6. Apply the validated output
|
|
|
|
**Note**: Move detailed validation criteria to `references/` if complex.
|
|
|
|
## Security Considerations
|
|
|
|
- **Sensitive Data Handling**: Guidance on handling secrets, credentials, PII
|
|
- **Access Control**: Required permissions and authorization contexts
|
|
- **Audit Logging**: What should be logged for security auditing
|
|
- **Compliance**: Relevant compliance requirements (SOC2, GDPR, etc.)
|
|
|
|
## Bundled Resources
|
|
|
|
### Scripts (`scripts/`)
|
|
|
|
Executable scripts for deterministic operations. Use scripts for low-freedom operations requiring consistency.
|
|
|
|
- `example_script.py` - Python script template with argparse, error handling, and JSON output
|
|
- `example_script.sh` - Bash script template with argument parsing and colored output
|
|
- `validator_example.py` - Validation script demonstrating feedback loop pattern
|
|
|
|
**When to use scripts**:
|
|
- Deterministic operations that must be consistent
|
|
- Complex parsing or data transformation
|
|
- Validation and quality checks
|
|
|
|
### References (`references/`)
|
|
|
|
On-demand documentation loaded when needed. Keep SKILL.md concise by moving detailed content here.
|
|
|
|
- `EXAMPLE.md` - Template for reference documentation with security standards sections
|
|
- `WORKFLOW_CHECKLIST.md` - Multiple workflow pattern examples (sequential, conditional, iterative, feedback loop)
|
|
|
|
**When to use references**:
|
|
- Detailed framework mappings (OWASP, CWE, MITRE ATT&CK)
|
|
- Advanced configuration options
|
|
- Language-specific patterns
|
|
- Content exceeding 100 lines
|
|
|
|
### Assets (`assets/`)
|
|
|
|
Templates and configuration files used in output (not loaded into context). These are referenced but not read until needed.
|
|
|
|
- `ci-config-template.yml` - Security-enhanced CI/CD pipeline with SAST, dependency scanning, secrets detection
|
|
- `rule-template.yaml` - Security rule template with OWASP/CWE mappings and remediation guidance
|
|
|
|
**When to use assets**:
|
|
- Configuration templates
|
|
- Policy templates
|
|
- Boilerplate secure code
|
|
- CI/CD pipeline examples
|
|
|
|
## Common Patterns
|
|
|
|
### Pattern 1: [Pattern Name]
|
|
|
|
Description and example of common usage pattern.
|
|
|
|
### Pattern 2: [Pattern Name]
|
|
|
|
Additional patterns as needed.
|
|
|
|
## Integration Points
|
|
|
|
- **CI/CD**: How this integrates with build pipelines
|
|
- **Security Tools**: Compatible security scanning/monitoring tools
|
|
- **SDLC**: Where this fits in the secure development lifecycle
|
|
|
|
## Troubleshooting
|
|
|
|
### Issue: [Common Problem]
|
|
|
|
**Solution**: Steps to resolve.
|
|
|
|
## References
|
|
|
|
- [Tool Documentation](https://example.com)
|
|
- [Security Framework](https://owasp.org)
|
|
- [Compliance Standard](https://example.com)
|