mukul975/Anthropic-Cybersecurity-Skills

GitHub: mukul975/Anthropic-Cybersecurity-Skills

面向AI Agent的开源网络安全技能库,遵循agentskills.io开放标准,为多种AI编程助手提供611+项覆盖红蓝对抗、取证分析、云安全等领域结构化技能。

Stars: 22 | Forks: 4

Anthropic Cybersecurity Skills

611+ 种 AI Agent 网络安全技能 · agentskills.io 开放标准

License Skills Count Stars Last Commit Agent Skills Platforms

面向 AI Agent 的最大开源网络安全技能集合。每项技能均遵循 [agentskills.io](https://agentskills.io) 开放标准,可立即与 Claude Code、GitHub Copilot、OpenAI Codex CLI、Cursor、Gemini CLI 及其他 20 多个平台配合使用。 ## 快速开始 (30 秒) ``` # 添加至 Claude Code marketplace /plugin marketplace add mukul975/Anthropic-Cybersecurity-Skills # 或直接 clone git clone https://github.com/mukul975/Anthropic-Cybersecurity-Skills .skills/cybersecurity ``` ## 技能类别 | 类别 | 技能数 | 示例技能 | |----------|-------:|----------------| | Cloud Security | 48 | AWS S3 Bucket Audit, Azure AD Configuration, GCP Security Assessment | | Threat Intelligence | 43 | APT Group Analysis with MITRE Navigator, Campaign Attribution, Dark Web Monitoring | | Web Application Security | 41 | HTTP Request Smuggling, XSS with Burp Suite, Web Cache Poisoning | | Threat Hunting | 35 | Credential Dumping Detection, DNS Tunneling with Zeek, Living-off-the-Land Binaries | | Malware Analysis | 34 | Cobalt Strike Beacon Config, Ghidra Reverse Engineering, YARA Rule Development | | Digital Forensics | 34 | Disk Imaging with dd/dcfldd, Memory Forensics with Volatility3, Browser Forensics | | SOC Operations | 33 | Windows Event Log Analysis, Splunk Detection Rules, SIEM Use Case Implementation | | Network Security | 33 | Wireshark Traffic Analysis, VLAN Segmentation, Suricata IDS Configuration | | Identity & Access Management | 33 | SAML SSO with Okta, Privileged Access Management, RBAC for Kubernetes | | OT/ICS Security | 28 | SCADA System Attack Detection, Modbus Anomaly Detection, Purdue Model Segmentation | | API Security | 28 | API Enumeration Detection, BOLA Exploitation, GraphQL Security Assessment | | Container Security | 26 | Trivy Image Scanning, Falco Runtime Detection, Kubernetes Pod Security | | Vulnerability Management | 24 | DefectDojo Dashboard, CVSS Scoring, Patch Management Workflow | | Red Teaming | 24 | Sliver C2 Framework, BloodHound AD Analysis, Kerberoasting with Impacket | | Incident Response | 24 | Ransomware Response, Cloud Incident Containment, Volatile Evidence Collection | | Penetration Testing | 23 | External Network Pentest, Kubernetes Pentest, Active Directory Pentest | | Zero Trust Architecture | 17 | HashiCorp Boundary, Zscaler ZTNA, BeyondCorp Access Model | | Endpoint Security | 16 | CIS Benchmark Hardening, Windows Defender Configuration, Host-Based IDS | | DevSecOps | 16 | GitLab CI Pipeline, Semgrep Custom SAST Rules, Secret Scanning with Gitleaks | | Phishing Defense | 16 | Email Header Analysis, GoPhish Simulation, DMARC/DKIM/SPF Configuration | | Cryptography | 13 | TLS 1.3 Configuration, HSM Key Storage, Certificate Authority with OpenSSL | | Mobile Security | 12 | iOS App Analysis with Objection, Android Malware Reverse Engineering, Frida Hooking | | Ransomware Defense | 5 | Ransomware Precursor Detection, Backup Strategy, Honeypot Detection | | Compliance & Governance | 5 | GDPR Data Protection, ISO 27001 ISMS, PCI DSS Controls | ## 工作原理 每项技能均遵循 [agentskills.io](https://agentskills.io) 的**渐进式披露** 模式。在发现阶段,AI Agent 仅读取 YAML frontmatter(约 30-50 个 token)来判断相关性: ``` --- name: performing-memory-forensics-with-volatility3 description: Analyze memory dumps to extract processes, network connections, and malware artifacts using Volatility3. domain: cybersecurity subdomain: digital-forensics tags: [forensics, memory-analysis, volatility3, incident-response] --- ``` 如果技能与任务匹配,Agent 将加载完整内容——包括工作流步骤、先决条件、工具命令和验证检查——避免在无关技能上浪费 token。 ## 兼容平台 这些技能适用于任何支持 agentskills.io 标准或能够读取结构化 Markdown 的工具: | 平台 | 集成方式 | |----------|------------| | **Claude Code** | 通过 `/plugin` 原生加载技能 | | **GitHub Copilot** | 通过 `.skills/` 目录提供工作区上下文 | | **OpenAI Codex CLI** | 基于文件的上下文注入 | | **Cursor** | 项目规则和文档集成 | | **Gemini CLI** | 上下文文件加载 | | **Amp** | 技能目录挂载 | | **Goose** | 基于插件的技能加载 | | **Windsurf** | 从项目文件感知上下文 | | **Aider** | 仓库地图集成 | | **Continue** | 自定义上下文提供者 | | 以及其他 16+ 个 | 任何可读取结构化 Markdown 的 Agent | ## 技能结构 每项技能都遵循一致的目录结构: ``` skills/{skill-name}/ ├── SKILL.md # Skill definition with YAML frontmatter │ ├── Frontmatter # name, description, domain, subdomain, tags │ ├── When to Use # Trigger conditions for AI agents │ ├── Prerequisites # Required tools and access │ ├── Workflow # Step-by-step execution guide │ └── Verification # How to confirm success ├── references/ │ ├── standards.md # NIST, MITRE ATT&CK, CVE references │ └── workflows.md # Deep technical procedure reference ├── scripts/ │ └── process.py # Practitioner helper scripts └── assets/ └── template.md # Checklists and report templates ``` ## 贡献 我们欢迎网络安全社区的贡献。关于添加新技能、改进现有技能以及我们的审查流程,请参阅 [CONTRIBUTING.md](CONTRIBUTING.md) 获取指南。 ## 许可证 License 本项目采用 Apache License 2.0 许可。详情请见 [LICENSE](LICENSE)。
标签:AI安全, AI智能体, Chat Copilot, CISA项目, Claude, Cloudflare, Codex CLI, Cursor, CVE检测, DAST, DLL 劫持, DNS解析, FTP漏洞扫描, Gemini CLI, GitHub Copilot, IP 地址批量处理, MITRE ATT&CK, Web安全, 人工智能, 大语言模型, 威胁情报, 安全技能, 安全编排, 开发者工具, 开源项目, 恶意软件分析, 技能库, 提示词工程, 标准规范, 混合加密, 用户模式Hook绕过, 策略决策点, 结构化查询, 网络安全, 自动化安全, 蓝队分析, 蓝队防御, 逆向工具, 防御加固, 隐私保护