Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Usap Skills

БесплатноНе проверен

Exposes 79 cybersecurity skills and 12 orchestrator agents over MCP, with a typed 11-field output contract, an enforced resolvable-evidence gate (no verdict wit

GitHubEmbed

Описание

Exposes 79 cybersecurity skills and 12 orchestrator agents over MCP, with a typed 11-field output contract, an enforced resolvable-evidence gate (no verdict without a resolvable source), and human-approval gating for every mutating action. Apache-2.0, stdlib-only.

README

USAP banner — wordmark, tagline 'Agents reason · Humans approve · MCP executes', live stats (79 skills · 12 cs-* agents · 12 domains), and a hex constellation of representative agents around the central USAP hub

USAP — Open-Source AI Cybersecurity Agent Skills

Signal Architecture · agents reason · humans approve · MCP executes

Website Skills Agents Domains Contract Frameworks License Python Last Commit usap-skills MCP server

Open-source cybersecurity skills library that turns any LLM into an auditable, portable security workflow runtime for SOC and AppSec teams.

Each SKILL.md is a complete LLM system prompt — paste into Claude, ChatGPT, Gemini, Ollama, or AnythingLLM with no install. Apache 2.0, typed 11-field output contract, framework-mapped (MITRE ATT&CK, NIST CSF 2.0, OWASP Top 10, ATLAS, D3FEND, NIST AI RMF), L1–L4 autonomy with explicit human-approval gates.

If this is useful, star the repo — it's the cheapest signal to send and the only one that drives discovery. Want to contribute? The open invitations in ROADMAP.md are picked tasks, not vague areas.

See every pillar run with real, reproducible output → examples/ · Install on your platform → INSTALLATION.md

Try it in 60 seconds

Option 1 — Claude Code plugin (one command, no clone)

If you have Claude Code installed, type these two slash commands in any project:

/plugin marketplace add jaskaranhundal/usap-skills
/plugin install usap@usap

That activates 7 slash commands (/usap:run, /usap:fortigate, /usap:orchestrate, /usap:challenge, /usap:compare, /usap:test, /usap:README) and 6 user-invocable orchestrator skills (@usap-alex, @usap-ciso, @usap-devsecops, @usap-incident-responder, @usap-program-manager, @usap-red-teamer).

Smoke test it:

/usap:fortigate

Alex runs the AT + CA workflows against the bundled Fintech FortiGate zero-day scenario and produces a 7-task scorecard.

Option 2 — paste-into-any-LLM bundle (Claude.ai, ChatGPT, Gemini, Ollama)

git clone https://github.com/jaskaranhundal/usap-skills.git
cd usap-skills
python3 shared/scripts/bundle_usap.py bundle --mode lite   # → dist/USAP_LITE.md  (32 KB)
# python3 shared/scripts/bundle_usap.py bundle --mode pro  # → dist/USAP_PRO.md   (185 KB — Gemini 1.5 Pro / 2.0 Flash)
# python3 shared/scripts/bundle_usap.py bundle --mode full # → dist/USAP_BUNDLE.md (744 KB — Claude Opus / GPT-5 / Gemini 2.5 Pro)

Paste dist/USAP_LITE.md as the system prompt in any LLM. No npm, no Docker, no API key, no signup. The bundled file is one markdown blob that becomes Alex (cs-security-analyst) on any model.

Option 3 — interactive web demo (no install)

Open docs/design-system/ui_kits/platform/index.html in any browser for the 3-screen click-through (Landing → Agent Console → Findings).

Option 4 — MCP server (Cursor, Codex CLI, Gemini CLI, Goose, any MCP client)

USAP also runs as a stdlib-only Model Context Protocol server. Add to your client's MCP config:

{
  "mcpServers": {
    "usap": {
      "command": "python3",
      "args": ["/absolute/path/to/usap-skills/tools/mcp_server.py"]
    }
  }
}

Connect, then ask plain-English security questions — your client discovers and loads USAP skills and cs-* agents on demand. Read-only Phase 1 today; Phase 2 turns USAP into the master MCP routing security intents to downstream vendor MCPs (SIEM, EDR, firewall) with the contract's human_approval_required gate enforcing the human approval step. Full docs at docs/mcp-server.md.


Architecture

USAP architecture — central hub orbited by 12 cs-* orchestrator agents, each domain colour-coded, with the 11-field output contract caption

The diagram above is the architecture diagram — a Signal-Architecture-styled hex constellation with all 12 cs-* agents around the central USAP hub. Domain colour-coding on the border: security/ cyan · appsec/ violet · devsecops/ orange · executive/ blue · governance/ green. Regenerate with python3 tools/gen_architecture_svg.py.

Same diagram as a plain Mermaid graph (for environments that don't render SVG)
flowchart LR
    SK["79 skills across<br/>12 domains<br/>(SKILL.md + scripts/)"]:::skill --> A
    subgraph A ["12 cs-* orchestrator agents"]
        direction TB
        subgraph S ["agents/security/"]
            S1[cs-security-analyst]
            S2[cs-incident-responder]
            S3[cs-red-teamer]
            S4[cs-blue-team-analyst]
            S5[cs-cloud-investigator]
            S6[cs-supply-chain-defender]
            S7[cs-threat-intel-lead]
            S8[cs-purple-team-lead]
        end
        subgraph P ["agents/appsec/"]
            P1[cs-appsec-engineer]
        end
        subgraph D ["agents/devsecops/"]
            D1[cs-devsecops-engineer]
        end
        subgraph E ["agents/executive/"]
            E1[cs-ciso-advisor]
        end
        subgraph G ["agents/governance/"]
            G1[cs-security-program-manager]
        end
    end
    A --> OUT["11-field JSON output contract<br/>agent_slug · intent_type · action<br/>rationale · confidence · severity<br/>key_findings · evidence_references<br/>next_agents · human_approval_required<br/>timestamp_utc"]:::out

    classDef skill fill:#06222b,stroke:#29d3f0,stroke-width:1px,color:#e6edf3
    classDef out fill:#1c2230,stroke:#d2a8ff,stroke-width:1px,color:#e6edf3

Skills are stateless prompt + tool packages (SKILL.md + stdlib scripts/). Orchestrator agents compose them via the v2 agent contract (standards/agent-contract.md). Every output validates against the typed 11-field contract (standards/output-contract.md).

Interactive UI kit: for the same flow as a clickable web demo (Landing → Agent Console → Findings), open docs/design-system/ui_kits/platform/index.html — built on the USAP Design System: Signal Architecture visual language, 10 React components, 160+ CSS tokens.

What a real payload looks like

Every skill emits the same shape. Below is a fully-populated payload from one run of vuln-scan against the in-repo SimpleStoreAPI fixture — all 11 required fields plus the optional tail (mitre_ttps, affected_assets, artifact_path). Byte-identical to appsec-devsecops/vuln-scan/expected_outputs/sample_output.json, validated against tools/output_contract.py in CI on every push.

{
  "agent_slug": "vuln-scan",
  "intent_type": "detect",
  "action": "Hand off to finding-triage — 4 mapped findings, 1 unmapped, top severity high.",
  "rationale": "Scanned SimpleStoreAPI against TM-001..TM-005. Found 5 distinct findings after dedup: hardcoded credential (TM-001 proximity 9), SQL string concat (TM-002 proximity 8), public S3 ACL (TM-002 proximity 7), permissive CORS (unmapped), missing input validation on /api/v1/profile (TM-001 proximity 9). Confidence dampened 0.05 per merge.",
  "confidence": 0.82,
  "severity": "high",
  "key_findings": [
    "VF-001 hardcoded-credential at src/config.py:14 — mapped to TM-001, proximity 9",
    "VF-002 sql-string-concat at src/db/profile.js:42 — mapped to TM-002, proximity 8",
    "VF-003 public-iac at infra/storage.tf:21 — mapped to TM-002, proximity 7",
    "VF-004 missing-input-validation at src/routes/profile.js:11 — mapped to TM-001, proximity 9",
    "VF-005 permissive-cors at src/middleware/cors.js:6 — UNMAPPED (no top-5 threat covers this)"
  ],
  "evidence_references": [
    {"source": "scanner", "ref": "src/config.py:14", "quote": "PASSWORD = \"changeme-prod\""},
    {"source": "scanner", "ref": "src/db/profile.js:42", "quote": "db.query('SELECT * FROM users WHERE id = ' + req.params.id)"},
    {"source": "scanner", "ref": "infra/storage.tf:21", "quote": "acl = \"public-read\""}
  ],
  "next_agents": ["finding-triage"],
  "human_approval_required": false,
  "timestamp_utc": "2026-06-20T10:30:00Z",
  "mitre_ttps": ["T1552.001", "T1190"],
  "affected_assets": ["SimpleStoreAPI"],
  "artifact_path": "/tmp/simple-store-api/VULN-FINDINGS.json"
}

The 11 required fields are: agent_slug, intent_type, action, rationale, confidence, severity, key_findings, evidence_references, next_agents, human_approval_required, timestamp_utc. Optional extras after that. The CI gate fails any committed sample that drops a required field.

Why USAP

New here? Read: USAP vs Prompt Libraries — why a SKILL.md is more than a folder of prompts.

  • Open source, no SaaS, no waitlist. Apache 2.0. Drop the skills into Claude, ChatGPT, Gemini, Ollama, or AnythingLLM with no platform install. No vendor cloud, no per-seat pricing, no telemetry leaving your environment.
  • Standardized 11-field output contract. Every skill emits CVSS, MITRE ATT&CK technique IDs, evidence references, and an explicit human_approval_required flag (standards/output-contract.md). Safe to embed in production agent stacks where competitor copilots remain black boxes.
  • cs-* orchestrator agents. 12 named agents (cs-security-analyst, cs-incident-responder, cs-blue-team-analyst, cs-red-teamer, cs-cloud-investigator, cs-supply-chain-defender, cs-threat-intel-lead, cs-purple-team-lead, cs-appsec-engineer, cs-devsecops-engineer, cs-ciso-advisor, cs-security-program-manager) compose the skills into reproducible workflows.
  • Framework-mapped at the metadata layer. metadata.frameworks.{mitre_attack, nist_csf, mitre_atlas, owasp_top10, d3fend, nist_ai_rmf} arrays drive auto-generated ATT&CK Navigator and NIST CSF coverage docs in mappings/ — never hand-maintained.
  • L1–L4 autonomy model. Mutating intents (key rotation, isolation, account disablement) carry explicit human_approval_required: true gates. Predictable behaviour at every level.
  • agentskills.io spec-conformant. Every USAP SKILL.md validates against the open standard (verified on 2026-06-20). Drop USAP into any agentskills.io-compatible client — Claude Code, Cursor, Goose, OpenCode, GitHub Copilot, Gemini CLI, OpenAI Codex CLI, and 30+ others.

Who is this for

USAP is built for three teams that already own LLM access and don't want to rent another SaaS:

  • SOC and detection engineering teams (50–500-person security orgs) running Splunk / Sentinel + EDR who want a vetted, MITRE-mapped skills library to amplify analyst output. Activate cs-security-analyst for any alert; cascade to cs-blue-team-analyst, cs-threat-intel-lead, or cs-incident-responder.
  • DevSecOps and platform-security engineers at engineering-led orgs who use Claude Code or similar. Embed cs-devsecops-engineer and cs-appsec-engineer in CI; route runtime findings into webapp-security/.
  • MSSPs, security consultancies, and red teamers who need client-ready CVSS / MITRE / evidence-tagged deliverables. White-label the skills, embed in your own delivery stack, ship.

Demo: an end-to-end run

Animated demo of cs-appsec-engineer running vuln-scan against SimpleStoreAPI and emitting an 11-field JSON payload

A real run of cs-appsec-engineer against the in-repo SimpleStoreAPI fixture. The animation above and the transcript below show the same data — every line of JSON is byte-identical to appsec-devsecops/vuln-scan/expected_outputs/sample_output.json. Regenerate the animation with python3 tools/gen_demo_svg.py.

You: Scan examples/SimpleStoreAPI for vulnerabilities and route any high findings to triage.

cs-appsec-engineer: Running vuln-scan against threat model TM-001..TM-005.

$ python3 appsec-devsecops/vuln-scan/scripts/vuln-scan_tool.py \
    --input examples/SimpleStoreAPI/scan-context.json --output json
{
  "agent_slug": "vuln-scan",
  "intent_type": "detect",
  "action": "Hand off to finding-triage — 4 mapped findings, 1 unmapped, top severity high.",
  "rationale": "Scanned SimpleStoreAPI against TM-001..TM-005. Found 5 distinct findings after dedup: hardcoded credential (TM-001 proximity 9), SQL string concat (TM-002 proximity 8), public S3 ACL (TM-002 proximity 7), permissive CORS (unmapped), missing input validation on /api/v1/profile (TM-001 proximity 9). Confidence dampened 0.05 per merge.",
  "confidence": 0.82,
  "severity": "high",
  "key_findings": [
    "VF-001 hardcoded-credential at src/config.py:14 — mapped to TM-001, proximity 9",
    "VF-002 sql-string-concat at src/db/profile.js:42 — mapped to TM-002, proximity 8",
    "VF-003 public-iac at infra/storage.tf:21 — mapped to TM-002, proximity 7",
    "VF-004 missing-input-validation at src/routes/profile.js:11 — mapped to TM-001, proximity 9",
    "VF-005 permissive-cors at src/middleware/cors.js:6 — UNMAPPED (no top-5 threat covers this)"
  ],
  "evidence_references": [
    {"source": "scanner", "ref": "src/config.py:14", "quote": "PASSWORD = \"changeme-prod\""},
    {"source": "scanner", "ref": "src/db/profile.js:42", "quote": "db.query('SELECT * FROM users WHERE id = ' + req.params.id)"},
    {"source": "scanner", "ref": "infra/storage.tf:21", "quote": "acl = \"public-read\""}
  ],
  "next_agents": ["finding-triage"],
  "human_approval_required": false,
  "timestamp_utc": "2026-06-20T10:30:00Z"
}

cs-appsec-engineer: Severity is high, next_agents points at finding-triage. Handing off.

Synthesis (operator-facing):

Five findings, four mapped to your threat model. The hardcoded production credential (src/config.py:14) and the SQL string concatenation on the profile route are both proximity-9 hits against TM-001 — patch first. The public S3 bucket ACL is a separate proximity-7 TM-002 hit. The permissive CORS rule is unmapped, which usually means your threat model is incomplete — recommend revisiting TM coverage. No mutating actions taken; human_approval_required was false because this was a read-only detect.

Try it yourself:

python3 appsec-devsecops/vuln-scan/scripts/vuln-scan_tool.py --output json | jq .
python3 tools/output_contract.py appsec-devsecops/vuln-scan/expected_outputs/sample_output.json

Proof: every claim is a file in this repo

Claim Evidence
Typed 11-field output contract standards/output-contract.md + tools/output_contract.py validator
Every skill emits a real payload appsec-devsecops/vuln-scan/expected_outputs/sample_output.json (one of 79)
MITRE ATT&CK Navigator layer is auto-generated mappings/mitre-attack/attack-navigator-layer.json regenerated by tools/framework_extractor.py; CI fails on drift
NIST CSF 2.0 coverage doc is auto-generated mappings/nist-csf/csf-alignment.md
MITRE ATT&CK coverage doc mappings/mitre-attack/coverage-summary.md — 13 distinct techniques cited so far; 10 of the 79 skills carry metadata.frameworks.mitre_attack arrays (backfill is ongoing)
L1-L4 autonomy + human_approval_required gate standards/level-guide.md + tools/validate_invocation_control.py strict CI gate
agentskills.io spec conformance standards/frontmatter-spec.md + tools/validate_skill.py on every push

ATT&CK Navigator layer (excerpt)

The full layer at mappings/mitre-attack/attack-navigator-layer.json opens directly in MITRE's Navigator. Excerpt of the first two techniques:

{
  "name": "USAP MITRE ATT&CK Coverage",
  "versions": {
    "attack": "16",
    "navigator": "4.9.5",
    "layer": "4.5"
  },
  "domain": "enterprise-attack",
  "techniques": [
    {
      "techniqueID": "T1041",
      "score": 1,
      "color": "",
      "comment": "USAP skills covering: detection/threat-intelligence",
      "enabled": true,
      "metadata": [],
      "links": [],
      "showSubtechniques": true
    },
    {
      "techniqueID": "T1046",
      "score": 1,
      "color": "",
      "comment": "USAP skills covering: detection/threat-hunting",
      "enabled": true,
      "metadata": [],
      "links": [],
      "showSubtechniques": true
    }
  ]
}

NIST CSF 2.0 coverage (excerpt)

From mappings/nist-csf/csf-alignment.md:

Subcategory Skill count Covering skills
DE.AE-02 3 detection/behavioral-analytics, detection/detection-engineering, detection/threat-hunting
DE.CM-01 2 detection/detection-engineering, detection/threat-hunting
ID.RA-05 1 detection/threat-intelligence

These tables are not hand-maintained. They are emitted by tools/framework_extractor.py from each skill's metadata.frameworks.* arrays. The CI pipeline fails any PR that ships a drift between the source frontmatter and the generated docs.

Quick Start

One agent. Any security question. Paste and go.

Who you are Paste this Works on
Anyone — business owner, IT admin, or security engineer dist/USAP_LITE.md Claude, ChatGPT, Gemini, Ollama
Security team needing full orchestration across specialist agents dist/USAP_PRO.md Claude, ChatGPT, Gemini, Ollama
Security program with all 79 skills embedded dist/USAP_BUNDLE.md Claude, ChatGPT, Gemini

Generate your kit:

python3 shared/scripts/bundle_usap.py bundle --mode lite   # → dist/USAP_LITE.md
python3 shared/scripts/bundle_usap.py bundle --mode pro    # → dist/USAP_PRO.md
python3 shared/scripts/bundle_usap.py bundle --mode full   # → dist/USAP_BUNDLE.md

How Alex works

Alex (cs-security-analyst) is the single entry point for all three kits. You do not need to know which agent or skill to use — Alex figures that out.

  • Lite: Alex answers directly from knowledge of all 79 USAP skills. Plain English by default; goes fully technical when you ask.
  • Pro / Full: Alex detects multi-domain problems, activates party mode (OR), delegates to specialist agents (cs-incident-responder, cs-ciso-advisor, etc.), and synthesizes one unified answer.
  • Any LLM: Paste the file as your system prompt. No install required.
  • Future: MCP connectors will let Alex pull live cloud inventory, SIEM, and EDR data automatically. Until then, paste logs or describe your environment.

Use with Gemini

Three ways — pick the one that fits your setup:

Option 1: Google AI Studio (free, no code)

  1. Go to aistudio.google.com
  2. Click Create new prompt → set type to Chat
  3. Paste the contents of dist/USAP_LITE.md into the System instructions field
  4. Start chatting with Alex

Option 2: Gemini Gems (Gemini Advanced)

  1. Go to gemini.google.comGemsCreate a Gem
  2. Name: USAP Security Advisor
  3. Instructions: paste the contents of dist/USAP_LITE.md
  4. Save and chat

Option 3: Python script (Gemini API)

# Install the SDK
pip install google-generativeai

# Set your API key (get one free at aistudio.google.com)
export GEMINI_API_KEY="your-key-here"

# Start a chat session with Alex
python3 shared/scripts/gemini_chat.py --kit lite

# Use the pro kit (Alex + all 6 specialist agents)
python3 shared/scripts/gemini_chat.py --kit pro

# Use a different model
python3 shared/scripts/gemini_chat.py --kit lite --model gemini-1.5-pro

Kit size guide:

Kit Size Recommended for
lite 32 KB Any Gemini model, free tier
pro 121 KB Gemini 1.5 Pro / 2.0 Flash
full 684 KB Gemini 1.5 Pro (2M context)

Use as CLI commands

USAP agents are registered as native slash commands in both Gemini CLI and Claude Code.

Gemini CLI

npm install -g @google/gemini-cli
cd usap-skills
gemini          # GEMINI.md auto-loaded
/usap-alex      # Activate cs-security-analyst

Claude Code

cd usap-skills
claude          # CLAUDE.md auto-loaded
/usap-alex      # Activate cs-security-analyst

Available commands

Command Agent Use for
/usap-alex cs-security-analyst Any security question — universal entry point
/usap-incident-responder cs-incident-responder Active incidents, forensics, containment
/usap-red-teamer cs-red-teamer Red team planning and offensive security
/usap-devsecops cs-devsecops-engineer Pipeline security, SAST/DAST, PR gates
/usap-ciso cs-ciso-advisor Board reports, risk posture, executive briefs
/usap-program-manager cs-security-program-manager Security roadmap and program planning

Which agent for which problem?

Active incident in progress

Situation Start here Then cascade to
Any new security event incident-classification Routes to the right specialist
Confirmed active incident, need command incident-commander forensics, containment-advisor
Need to contain an active threat containment-advisor MCP execution layer
Ransomware or destructive attack incident-commandercontainment-advisor forensics, compliance-mapping
Forensic timeline and chain of custody forensics threat-intelligence, compliance-mapping

Credentials and identity

Situation Agent
Secret/API key found in code or logs secrets-exposure
IAM anomaly, privilege escalation, root usage identity-access-risk
Unusual user behavior, insider threat indicators behavioral-analytics
Cryptographic key management risk cryptography-key-management

Threats and hunting

Situation Agent
Hypothesis-driven threat hunt threat-hunting
IOC enrichment and actor attribution threat-intelligence
Anomaly or behavioral deviation behavioral-analytics
Active network intrusion or lateral movement threat-huntingincident-classification

Vulnerabilities and patching

Situation Agent
CVE triage and prioritization vulnerability-management
Zero-day, no patch available zero-day-response
Code scanning (SAST/DAST) results sast-dast-coordinator
IaC misconfiguration iac-security
Cloud posture and drift cloud-security-posture
Dependency and SBOM analysis supply-chain-risk

Cloud and infrastructure

Situation Agent
AWS/Azure/GCP misconfiguration scan cloud-security-posture
Container image vulnerability scan (Trivy/Grype/Snyk) container-image-scan
Public attack surface mapping attack-surface-management
Network exposure and open ports network-exposure
Endpoint and OS security endpoint-os-security
OT/ICS/IoT device security ot-iot-device-security
Build pipeline integrity build-integrity

Detection and engineering

Situation Agent
Write a detection rule for a new TTP detection-engineering
Assess telemetry data quality telemetry-signal-quality
Continuous automated pentesting results continuous-pentesting
AI/LLM agent integrity and prompt injection agent-integrity-monitor

Architecture and design

Situation Agent
Threat model a new system or feature risk-threat-modeling
Security architecture review security-architecture
AI system ethics and governance ai-ethics-governance
AI agent security assessment ai-agent-security

Compliance and governance

Situation Agent
Map findings to compliance frameworks compliance-mapping
Track regulatory horizon changes regulatory-horizon
Internal audit and SOC 2 evidence internal-audit-assurance
Privacy DPIA for a new feature privacy-dpia
Security policy and control assessment security-policy-control
Cyber insurance risk inputs cyber-insurance
Quantum cryptography readiness quantum-security-readiness

Supply chain and third parties

Situation Agent
Dependency and package risk supply-chain-risk
Supply chain attack simulation supply-chain-simulation
Vendor and third-party risk assessment third-party-vendor-risk

Red team and adversary simulation

Situation Agent
Red team campaign planning red-team-planner
Red team execution and Kill Chain red-team-operations
Safe, scoped exploitation safe-exploitation
Attack path analysis attack-path-analysis
Security research and vulnerability discovery security-research

Operations and reporting

Situation Agent
Track and triage security findings findings-tracker
Security metrics and KPI reporting metrics-reporting
Knowledge base and lessons learned knowledge-management
Security awareness and training security-awareness
Orchestrate a multi-agent workflow orchestrator

Orchestrator Agents

7 cs-* agents that coordinate multiple skills into role-specific workflows:

Agent Domain Skills Orchestrated Description
cs-security-analyst Security All 79 skills (full knowledge base) + 11 specialist agents Universal security advisor — any question, any audience, any domain. Adapts to non-technical and expert users. Makes decisions.
cs-incident-responder Security incident-commander, incident-classification, containment-advisor, forensics, zero-day-response Full incident lifecycle — triage, containment, forensics, post-incident review
cs-red-teamer Security red-team-planner, red-team-operations, safe-exploitation, attack-path-analysis, continuous-pentesting Offensive security coordinator — engagement scoping, attack path mapping, findings report
cs-devsecops-engineer DevSecOps secure-sdlc, sast-dast-coordinator, devsecops-pipeline, build-integrity, supply-chain-risk, appsec-code-review, pipeline-security-scan Security-in-pipeline engineer — PR gate, pipeline hardening, SBOM generation
cs-ciso-advisor Executive enterprise-risk-assessment, compliance-mapping, metrics-reporting, security-posture-score, ciso-brief-generator, cyber-insurance Executive advisor — board reports, risk posture reviews, regulatory gap assessments
cs-security-program-manager Governance security-roadmap-planner, security-debt-tracker, findings-tracker, metrics-reporting, vulnerability-management Passive lifecycle orchestrator — program planning, proactive scanning, facilitation
cs-blue-team-analyst Security threat-hunting, threat-intelligence, behavioral-analytics, telemetry-signal-quality, incident-classification, forensics, containment-advisor, detection-engineering Blue Team commander — alert triage, proactive hunting, DFIR, detection engineering
cs-appsec-engineer AppSec webapp-risk-triage, owasp-top10-classifier, api-security-posture, sast-dast-coordinator, secure-sdlc Runtime + build-time AppSec orchestrator — finding triage, OWASP classification, API posture scoring
cs-cloud-investigator Security cloud-security-posture, cloud-workload-protection, identity-access-risk, threat-hunting Cloud incident investigation — CSPM triage, workload runtime, IAM anomaly correlation
cs-supply-chain-defender Security supply-chain-risk, build-integrity, supply-chain-simulation, sast-dast-coordinator Software supply chain defense — SBOM analysis, malicious package detection, SLSA verification
cs-threat-intel-lead Security threat-intelligence, threat-hunting, behavioral-analytics, incident-classification Intelligence-driven SOC — IOC enrichment, attribution, intel-driven hunts
cs-purple-team-lead Security red-team-planner, red-team-operations, detection-engineering, threat-hunting Purple team orchestrator — detection validation, gap analysis, exercise readiness

See agents/CLAUDE.md for the agent development guide.


Domain Index

Domain Skills
Detection threat-hunting, secrets-exposure, behavioral-analytics, telemetry-signal-quality, network-exposure, attack-surface-management, threat-intelligence, deception-honeypot
Response incident-commander, incident-classification, containment-advisor, forensics, zero-day-response, zero-day-response-governance
Risk & Compliance enterprise-risk-assessment, risk-threat-modeling, compliance-mapping, regulatory-horizon, privacy-dpia, cyber-insurance, internal-audit-assurance, security-posture-score
Cloud & Infra cloud-security-posture, iac-security, container-image-scan, endpoint-os-security, ot-iot-device-security, cloud-workload-protection
AppSec & DevSecOps secure-sdlc, sast-dast-coordinator, devsecops-pipeline, build-integrity, supply-chain-risk, supply-chain-simulation, appsec-code-review, pipeline-security-scan
Identity & Access identity-access-risk, data-security-classification, cryptography-key-management, insider-physical-risk
Red Team red-team-operations, red-team-planner, safe-exploitation, continuous-pentesting, attack-path-analysis, ai-red-teaming
Governance security-architecture, security-policy-control, security-awareness, findings-tracker, vulnerability-management, metrics-reporting, security-posture-score, ciso-brief-generator
Platform & AI orchestrator, tool-execution-broker, guardrail, agent-integrity-monitor, ai-agent-security, ai-ethics-governance, ai-red-teaming
System Security os-hardening
Pentest web-app-pentest, pentest-reporting

All 79 skills

Slug Level Category Description
ai-red-teaming L4 Red Team Adversarial testing of AI/ML systems: prompt injection, model inversion, jailbreak detection
agent-integrity-monitor L3 Detection Monitors AI agent outputs for integrity violations, prompt injection, and manipulation
ai-agent-security L3 Detection Security assessment of AI/LLM agents: input validation, output sanitization, trust boundaries
ai-ethics-governance L2 Governance AI ethics review, bias assessment, and responsible AI governance for AI system deployments
attack-path-analysis L3 Analysis Maps attacker lateral movement paths through network topology to reach target assets
attack-surface-management L3 Analysis Discovers and inventories public-facing attack surface: domains, IPs, ports, web assets
behavioral-analytics L3 Detection UEBA: entity risk scoring, insider threat pattern detection, account takeover identification
build-integrity L3 Detection Verifies software build pipeline integrity: artifact signing, provenance, reproducibility
cloud-security-posture L4 Cloud CSPM: AWS/Azure/GCP posture evaluation against CIS Benchmarks, drift detection, compliance mapping
compliance-mapping L2 Compliance Maps security findings to regulatory frameworks: GDPR, PCI DSS, HIPAA, SOC 2, ISO 27001
container-image-scan L3 Cloud Classifies Trivy/Grype/Snyk findings by component (base-image OS package, app dependency, implanted layer) into block-deploy/fix/track/accept
containment-advisor L3 Response Recommends containment strategies across 10 threat types; assesses blast radius and production impact
continuous-pentesting L3 Testing Interprets and prioritizes automated continuous penetration testing results
cryptography-key-management L3 Identity Assesses cryptographic key lifecycle risk: weak algorithms, key rotation gaps, HSM gaps
cyber-insurance L2 Governance Evaluates cyber insurance coverage adequacy against incident scenarios and risk profile
data-security-classification L3 Data Classifies data assets by sensitivity, maps to regulatory requirements, recommends controls
detection-engineering L3 Detection Designs and validates SIEM/EDR detection rules in Sigma, KQL, SPL, YARA with MITRE mapping
devsecops-pipeline L3 DevSecOps Security gate assessment for CI/CD pipelines: secrets scanning, SAST, DAST, SCA integration
endpoint-os-security L4 Endpoint Endpoint and OS security assessment: patch status, EDR coverage, hardening baselines
enterprise-risk-assessment L2 Risk Board-level enterprise risk assessment: risk aggregation, heat maps, risk appetite alignment
findings-tracker L3 Operations Tracks, triages, deduplicates, and ages security findings across the vulnerability lifecycle
forensics L3 Response Legally defensible digital forensics: DFRWS six-phase framework, chain-of-custody, dwell time
guardrail L3 Governance Enforces USAP output contracts and intent classification guardrails on agent outputs
iac-security L3 DevSecOps Infrastructure-as-Code security analysis: Terraform, CloudFormation, Kubernetes manifests
identity-access-risk L4 Identity IAM anomaly detection, privilege escalation analysis, CloudTrail pattern matching (5 patterns)
incident-classification L3 Response Universal first-triage: classifies events into 14 types, assigns severity, identifies false positives
incident-commander L2 Response Active incident command (ICS model): SEV1-4 declaration, response tracks, regulatory deadlines
insider-physical-risk L3 Detection Insider threat and physical security risk assessment combining behavioral and physical indicators
internal-audit-assurance L2 Compliance Internal audit evidence collection: SOC 2, ISO 27001, SOX IT general controls
knowledge-management L2 Operations Security knowledge base management: lessons learned, runbook quality, knowledge gap identification
metrics-reporting L2 Reporting Security KPI and metrics reporting: MTTR, MTTD, patch coverage, SLA compliance
network-exposure L3 Network Network exposure assessment: open ports, firewall rule analysis, internet-facing service inventory
orchestrator L2 Orchestration Multi-agent workflow orchestration: routes events, sequences agents, manages cascade logic
ot-iot-device-security L4 OT/IoT OT/ICS/IoT device security: protocol analysis, firmware assessment, network segmentation gaps
privacy-dpia L2 Compliance Data Protection Impact Assessment for GDPR-applicable features and processing activities
quantum-security-readiness L2 Risk Post-quantum cryptography readiness: identifies vulnerable algorithms, migration planning
red-team-operations L3 Red Team Kill Chain execution planning: OPSEC, C2 design, lateral movement, exfil staging (requires authorization)
red-team-planner L3 Red Team Red team campaign planning: objectives, scope, RoE, phase map, authorization validation
regulatory-horizon L2 Compliance Tracks emerging regulatory requirements and their security control implications
risk-threat-modeling L1 Risk STRIDE/PASTA/LINDDUN threat modeling: DFDs, risk scoring (Likelihood × Impact), MITRE mapping
safe-exploitation L3 Testing Scoped, safe exploitation execution with minimal footprint and mandatory abort conditions
sast-dast-coordinator L3 DevSecOps Coordinates and interprets SAST, DAST, and SCA scan results; deduplicates findings
secrets-exposure L4 Detection Credential exposure analysis: 15 secret types, entropy scoring, blast radius, attacker timeline
secure-sdlc L3 DevSecOps Secure software development lifecycle: security requirements, design review, code review guidance
security-architecture L2 Architecture Security architecture review: zero trust assessment, control coverage gaps, architecture risk
security-awareness L2 Training Security awareness program assessment: phishing simulation results, training effectiveness
security-policy-control L2 Governance Security policy adequacy review: gap analysis against frameworks, control effectiveness
security-research L3 Research Vulnerability research and responsible disclosure guidance
supply-chain-risk L3 Risk SBOM analysis, malicious package detection (5 categories), SLSA build integrity assessment
supply-chain-simulation L3 Risk Simulates supply chain attack scenarios to test detection and response capabilities
telemetry-signal-quality L3 Detection Assesses telemetry data quality, dedup confidence, normalization errors, data source health
third-party-vendor-risk L2 Risk Third-party and vendor risk assessment: security questionnaires, contract risk, SLA gaps
threat-hunting L3 Detection Hypothesis-driven, IOC-driven, and anomaly-driven threat hunting with 4 built-in playbooks
threat-intelligence L3 Intelligence Threat intelligence enrichment: IOC analysis, actor attribution, TTP mapping
tool-execution-broker L4 Operations Mediates tool execution requests from agents: scope validation, approval gating, execution logging
vulnerability-management L3 Vulnerability Full vulnerability lifecycle: CVSS v3.1 + EPSS scoring, SLA-based prioritization, remediation tracking
zero-day-response L3 Response Zero-day compensating controls: exposure scoring, 5 control options, vendor timeline tracking
zero-day-response-governance L2 Governance Board/executive coordination for zero-day events: communication matrix, regulatory deadlines
cloud-workload-protection L4 Cloud Container and serverless runtime security: anomaly detection, escape detection, CWPP gap analysis
appsec-code-review L4 AppSec Security-focused static code analysis: OWASP Top 10, logic flaws, dependency audits
security-posture-score L3 Governance Cross-domain security posture scoring: aggregates findings into an executive scorecard
deception-honeypot L4 Detection Deception technology strategy: honeypot placement, canary token deployment, lateral movement traps
pipeline-security-scan L4 DevOps CI/CD pipeline security scanning: secrets in env vars, SAST integration, artifact signing check
ciso-brief-generator L2 Executive Generates CISO-level security briefs: risk posture summaries, board-ready narratives
security-roadmap-planner L2 Governance Builds investment-prioritized 12-month security program roadmaps from posture, risk, and compliance data
security-debt-tracker L3 Governance Tracks and analyzes aging security findings, computes SLA breach counts, and classifies debt accumulation rate
security-requirements-review L3 AppSec Proactive analysis of PRDs, architecture docs, and requirements specs to extract security gaps before alerts fire
os-hardening L4 System Security OS configuration assessment against CIS Benchmarks, DISA STIGs, and NSA guides with prioritized remediation
web-app-pentest L4 Pentest OWASP Top 10 web/API penetration testing with CVSS and MITRE mapping; authorization required
pentest-reporting L2 Pentest Compiles pentest findings into executive and technical reports with CVSS risk ratings and patch SLAs
credential-attacks L3 Red Team Credential attack reasoning: spray vs brute-force decisions, wordlist selection, hydra result interpretation, lockout risk
web-enumeration L3 Red Team Active web content discovery: path brute-force result reasoning, endpoint prioritization, high-value target identification
webapp-risk-triage L3 Webapp First-pass webapp finding triage: OWASP category mapping, severity scoring, blast radius scoping, downstream skill routing
owasp-top10-classifier L3 Webapp OWASP Top 10 2025 classification with confidence scoring from a finding description or CWE
api-security-posture L3 Webapp API surface posture scoring against OWASP API Security Top 10 (BOLA, auth, rate limit, mass assignment, audit)
threat-model L3 AppSec STRIDE + DREAD threat modeling from a target spec; entry point of the AppSec chain
vuln-scan L3 AppSec Threat-model-scoped static analysis: hardcoded creds, SQL string concat, public IaC, weak crypto
finding-triage L3 AppSec Verify, dedupe, rank vuln-scan output; emit TRIAGE.md hit list
patch-candidate L4 AppSec Generate minimal candidate patches (unified diffs) for confirmed findings — never auto-applies
appsec-customize L3 AppSec Three-forcing-question walkthrough to adapt the AppSec chain to a new language / vulnerability class

Standalone use (no USAP required)

Paste any SKILL.md into your LLM as the system prompt, then send a security event as the user message.

# View a SKILL.md
cat secrets-exposure/SKILL.md

# Minimal user message structure
{
  "event_type": "secret_exposure",
  "severity": "critical",
  "raw_payload": {
    "file_path": "config/prod.env",
    "matched_pattern": "aws_access_key",
    "branch": "main"
  }
}

The LLM returns a structured JSON recommendation with action, rationale, intent_type, confidence, key_findings, evidence_references, and timestamp_utc.


Use with USAP

This repo is the default skills/ submodule in the USAP platform.

# Clone USAP with all public skills
git clone --recurse-submodules https://github.com/jaskaranhundal/usap.git

# To add private bug bounty skills alongside:
git submodule add https://github.com/jaskaranhundal/usap-bugbounty skills-bb
echo "USAP_SKILLS_PATHS=./skills,./skills-bb" >> .env
python3 -m usap.cli validate-agents   # 79 skills + 12 cs-* agents valid

Skill package structure

<slug>/
  SKILL.md                              # LLM system prompt + YAML frontmatter
  README.md                             # This file — what the agent does
  references/
    workflow.md                         # Step-by-step analyst workflow
    *.md                                # Domain-specific reference documents
  assets/
    templates/
      output-template.json              # Output schema template
  expected_outputs/
    sample_output.json                  # Representative output example
  scripts/
    <slug>_tool.py                      # CLI tool
    pre_analysis.py                     # Optional: deterministic pre-analysis

Shared utilities

shared/scripts/ contains tools used across multiple skill packages:

Script Description
cvss_scorer.py CVSS v3.1 base score calculator — no dependencies
bb_scope_enforcer.py Bug bounty scope enforcement — validates targets against scope file
gemini_chat.py Interactive Gemini CLI — loads a USAP kit as system prompt, starts a chat session

See shared/README.md for usage.


Contributing

To add a new agent, open a PR against this repo. See CONTRIBUTING.md for the full authoring guide including frontmatter requirements, SKILL.md body structure, and quality bar.


License

Apache 2.0 — see LICENSE.


Privacy

This plugin does not collect, store, or transmit any user data. All processing happens locally within your Claude Code session. No telemetry, no analytics, no external API calls are made by the plugin itself.

Contact: [email protected]

from github.com/jaskaranhundal/usap-skills

Установка Usap Skills

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/jaskaranhundal/usap-skills

FAQ

Usap Skills MCP бесплатный?

Да, Usap Skills MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Usap Skills?

Нет, Usap Skills работает без API-ключей и переменных окружения.

Usap Skills — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить Usap Skills в Claude Desktop, Claude Code или Cursor?

Открой Usap Skills на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Usap Skills with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории development