Purpose: Provide composable, repeatable security/internal-testing primitives for authorized binaries and repo-managed prompt surfaces.
Works with
AI-first code editor with Composer
Before installing skills in Cursor, ensure your development environment meets these requirements:
node --versionsecurity-suiteExecute the skills CLI command in your project's root directory to begin installation:
Fetches security-suite from boshu2/agentops and configures it for Cursor.
The CLI shows a list of agents. Use arrow keys and space to select Cursor:
Confirm successful installation by checking the skill directory location:
Restart Cursor to activate security-suite. Access via /security-suite in your agent's command palette.
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.
Submit your Claude Code skill and start earning
Automate repetitive workflows and reduce manual effort
Example
Generate reports, summarize documents, draft communications
Save 3-5 hours per week on routine tasks
Learn new skills, understand complex topics, get expert guidance
Example
Explain concepts, provide examples, suggest learning resources
Accelerate learning and skill development by 2x
Enhance output quality through reviews, suggestions, and refinements
Example
Review drafts, suggest improvements, catch errors
Improve work quality by 30-40% with less effort
0
total installs
0
this week
260
GitHub stars
0
upvotes
Run in your terminal
0
installs
0
this week
260
stars
Purpose: Provide composable, repeatable security/internal-testing primitives for authorized binaries and repo-managed prompt surfaces.
This skill separates concerns into primitives so security workflows stay testable and reusable.
collect-static — file metadata, runtime heuristics, linked libraries, embedded archive signatures.collect-dynamic — sandboxed execution trace (processes, file changes, network endpoints).collect-contract — machine-readable behavior contract from help-surface probing.compare-baseline — current vs baseline contract drift (added/removed commands, runtime change).enforce-policy — allowlist/denylist gates and severity-based verdict.collect-redteam — offline repo-surface attack-pack scan for prompt-injection, tool-misuse, secret-exfiltration, and unsafe-shell regressions.run — thin binary orchestrator that composes primitives and writes suite summary.Single run (default dynamic command is --help):
python3 skills/security-suite/scripts/security_suite.py run \
--binary "$(command -v ao)" \
--out-dir .tmp/security-suite/ao-current
Baseline regression gate:
python3 skills/security-suite/scripts/security_suite.py run \
--binary "$(command -v ao)" \
--out-dir .tmp/security-suite/ao-current \
--baseline-dir .tmp/security-suite/ao-baseline \
--fail-on-removed
Policy gate:
python3 skills/security-suite/scripts/security_suite.py run \
--binary "$(command -v ao)" \
--out-dir .tmp/security-suite/ao-current \
--policy-file skills/security-suite/references/policy-example.json \
--fail-on-policy-fail
Repo-surface redteam:
python3 skills/security-suite/scripts/prompt_redteam.py scan \
--repo-root . \
--pack-file skills/security-suite/references/agentops-redteam-pack.json \
--out-dir .tmp/security-suite-redteam
For OWASP Top 10 code-level review, see references/owasp-checklist.md.
All outputs are written under --out-dir:
static/static-analysis.jsondynamic/dynamic-analysis.jsoncontract/contract.jsoncompare/baseline-diff.json (when baseline supplied)policy/policy-verdict.json (when policy supplied)suite-summary.jsonredteam/redteam-results.json (when repo-surface redteam is run)This output structure is intentionally machine-consumable for CI gates.
Use skills/security-suite/references/policy-example.json as a starting point.
Supported checks:
required_top_level_commandsdeny_command_patternsmax_created_filesforbid_file_path_patternsallow_network_endpoint_patternsdeny_network_endpoint_patternsblock_if_removed_commandsmin_command_countUse agentops-redteam-pack.json as the starting point for offline repo-surface redteam checks.
Supported target fields:
globsrequire_groupsforbidden_anyapplies_if_anyEach case expresses a concrete adversarial prompt or operator-bypass attempt and binds it to one or more repo-owned files. The first shipped pack covers instruction precedence, context overexposure, destructive git misuse, security gate bypass, and unsafe shell or secret-handling regressions.
This suite is designed for broad binary classes, not just CLI metadata:
It is intentionally modular so you can add deeper primitives later (syscall tracing, SBOM attestation verification, fuzz harnesses) without rewriting the workflow.
Run:
bash skills/security-suite/scripts/validate.sh
bash tests/scripts/test-security-suite-redteam.sh
Smoke test (recommended):
python3 skills/security-suite/scripts/security_suite.py run \
--binary "$(command -v ao)" \
--out-dir .tmp/security-suite-smoke \
--policy-file skills/security-suite/references/policy-example.json
Repo-surface smoke test:
python3 skills/security-suite/scripts/prompt_redteam.py scan \
--repo-root . \
--pack-file skills/security-suite/references/agentops-redteam-pack.json \
--out-dir .tmp/security-suite-redteam-smoke
User says: /security-suite run --binary $(command -v ao) --out-dir .tmp/security-suite/ao-v2.4
What happens:
--help execution observing processes, file changes, network endpoints), and contract capture against the ao binary.static/static-analysis.json, dynamic/dynamic-analysis.json, contract/contract.json, and suite-summary.json under the output directory.Result: A complete baseline snapshot is captured for ao v2.4, ready to be used as --baseline-dir for future release comparisons.
User says: /security-suite run --binary ./bin/ao-candidate --out-dir .tmp/ao-candidate --baseline-dir .tmp/security-suite/ao-v2.4 --policy-file skills/security-suite/references/policy-example.json --fail-on-removed --fail-on-policy-fail
What happens:
compare/baseline-diff.json with any added, removed, or changed commands.policy/policy-verdict.json with a pass/fail verdict.Result: The suite exits non-zero if any commands were removed or a policy check failed, blocking the candidate from promotion in the CI pipeline.
User says: /security-suite collect-redteam --repo-root .
What happens:
agentops-redteam-pack.json and evaluates repo-owned control surfaces against concrete attack cases.redteam/redteam-results.json and redteam/redteam-results.md under the chosen output directory, then exits non-zero if a fail-severity case is not resisted.Result: The repo gets a deterministic redteam verdict for prompt-injection, tool misuse, context overexposure, secret-handling, and unsafe-shell regressions without needing hosted model scanning.
| Problem | Cause | Solution |
|---|---|---|
| Suite exits non-zero with no clear finding | --fail-on-removed or --fail-on-policy-fail triggered on a legitimate change |
Review compare/baseline-diff.json and policy/policy-verdict.json to identify the specific delta, then update the baseline or policy file accordingly. |
dynamic/dynamic-analysis.json is empty or minimal |
Binary requires arguments beyond --help, or sandbox blocked execution |
Supply a custom dynamic command if supported, or verify the binary runs in the sandboxed environment (check permissions, missing shared libraries). |
contract/contract.json shows zero commands |
The binary does not expose a --help surface or uses a non-standard help flag |
Verify the binary supports --help; for binaries with unusual help interfaces, run collect-contract separately with the correct invocation. |
Policy verdict fails on deny_command_patterns |
A new subcommand matches a deny regex in the policy file | Either rename the subcommand or update deny_command_patterns in your policy JSON to exclude the legitimate pattern. |
baseline-diff.json not generated |
--baseline-dir was not provided or points to a missing directory |
Ensure the baseline directory exists and contains a valid contract/contract.json from a prior run. |
| Redteam scan fails after a wording cleanup | The attack pack no longer matches the intended guardrail language in target files | Review redteam/redteam-results.json, confirm whether the control regressed or the regex is too brittle, then update the target file or the pack intentionally. |
Prerequisites
Time Estimate
15-45 minutes depending on use case complexity
Steps
Common Pitfalls
✓ Do
✗ Don't
💡 Pro Tips
✓ Use when
Use when skill capabilities match your task, clear ROI on time saved, and you can validate outputs. Best for repetitive tasks, learning, and quality improvement.
✗ Avoid when
Avoid when task requires deep expertise you can't validate, involves sensitive decisions, or when learning process is more valuable than speed of completion.
shadcn/improve
anthropics/claude-code
mblode/agent-skills
github/awesome-copilot
leonxlnx/taste-skill
sickn33/antigravity-awesome-skills
Registry listing for security-suite matched our evaluation — installs cleanly and behaves as described in the markdown.
Useful defaults in security-suite — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
We added security-suite from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.
security-suite has been reliable in day-to-day use. Documentation quality is above average for community skills.
Keeps context tight: security-suite is the kind of skill you can hand to a new teammate without a long onboarding doc.
security-suite is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.
security-suite fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
Solid pick for teams standardizing on skills: security-suite is focused, and the summary matches what you get after install.
Registry listing for security-suite matched our evaluation — installs cleanly and behaves as described in the markdown.
security-suite fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
showing 1-10 of 47