Skip to main content
Ejecuta cualquier Skill en Manus
con un clic
Repositorio de GitHub

grimsec-suite

grimsec-suite contiene 12 skills recopiladas de camgrimsec, con cobertura ocupacional por repositorio y páginas de detalle dentro del sitio.

skills recopiladas
12
Stars
2
actualizado
2026-04-13
Forks
1
Cobertura ocupacional
3 categorías ocupacionales · 100% clasificado
explorador de repositorios

Skills en este repositorio

devsecops-repo-analyzer
Analistas de seguridad de la información

Performs end-to-end DevSecOps security analysis on any GitHub repository. Runs a 6-stage pipeline: repo ingestion and inventory, application context classification with STRIDE threat modeling, multi-tool vulnerability scanning (SAST, SCA via Trivy + Snyk + Grype, secrets, IaC), reachability and context analysis that assigns Real Risk Scores, remediation recommendations with optional GitHub PR generation, and a final structured assessment report. Use when the user asks to analyze a repo for security issues, run a DevSecOps assessment, threat model a codebase, check for vulnerabilities, or audit an open source project. Triggers include phrases like "analyze this repo", "security scan", "vulnerability assessment", "threat model this", "DevSecOps analysis", "audit this codebase", or "check this project for security issues".

2026-04-13
cicd-pipeline-auditor
Analistas de seguridad de la información

Audits GitHub Actions CI/CD workflow files for supply chain and pipeline security risks. Use when asked to audit, analyze, scan, or review GitHub Actions workflows, .github/workflows/, CI/CD pipelines, pipeline security, or DevSecOps pipeline hardening. Detects unpinned third-party actions (supply chain attacks like tj-actions CVE-2025-30066), expression injection / script injection, overly permissive permissions, dangerous triggers (pull_request_target, workflow_run PPE), secrets exposure, and self-hosted runner risks. Part of the GRIMSEC DevSecOps agent suite.

2026-04-13
vulnerability-context-enricher
Analistas de seguridad de la información

Enriches CVE identifiers with multi-source intelligence from NVD, GitHub Advisory Database (via OSV.dev), EPSS exploit prediction scores, and CISA Known Exploited Vulnerabilities catalog. For each CVE, retrieves CVSS scores with full vector decomposition, CWE weakness classification, MITRE ATT&CK technique mapping, affected package versions and fix availability, 30-day exploitation probability, and active exploitation status. Generates plain-language exploitability summaries and composite priority scores suitable for non-security engineering teams. Works standalone with individual CVE IDs or in batch mode from Trivy scan output. Chains with devsecops-repo-analyzer to add external intelligence to reachability analysis findings. Use when the user asks to "look up a CVE", "enrich vulnerabilities", "check if a CVE is exploited in the wild", "get EPSS score", "map CVEs to ATT&CK", "prioritize vulnerabilities", "check CISA KEV", or "explain this vulnerability to my team".

2026-04-13
doc-intelligence-agent
Analistas de seguridad de la información

Performs deep documentation analysis on software repositories to build a comprehensive product context profile used to validate and enrich security vulnerability findings. Use when analyzing repositories for security assessments, when security scanner findings need context about the application's actual runtime environment, when evaluating whether scanner-reported vulnerabilities are mitigated by existing security controls, or when preparing security PRs that reference deployment architecture, authentication model, sandboxing, encryption, and audit logging. Covers documentation analysis, product context extraction, security architecture mapping, deployment security, API surface analysis, and vulnerability context adjustment.

2026-04-13
threat-intel-monitor
Analistas de seguridad de la información

Continuous threat intelligence monitoring agent for DevSecOps. Monitors CISA KEV (Known Exploited Vulnerabilities), OSV.dev, NVD, and GitHub Advisory Database for newly disclosed CVEs, then cross-references them against dependency inventories from previously analyzed repositories to detect exposure. Use when asked to check for new threats, monitor CVEs, run a threat intel scan, detect new vulnerabilities affecting monitored repos, or schedule recurring vulnerability monitoring. Part of the GRIMSEC DevSecOps agent suite. Integrates with devsecops-repo-analyzer inventory outputs.

2026-04-13
executive-reporting-agent
Gerentes de sistemas informáticos y de informaciónDirectores ejecutivos

Generates executive-level security posture reports for CISOs, CTOs, and board members. Translates raw DevSecOps findings into business impact metrics including financial risk quantification, compliance alignment, MTTR benchmarking, supply chain exposure, and engineering velocity impact. Use when asked to create executive reports, board presentations, security ROI analysis, risk quantification, compliance mapping, or leadership briefings from security scan data. Chains with devsecops-repo-analyzer, cicd-pipeline-auditor, and vulnerability-context-enricher outputs.

2026-04-13
dast-scanner
Analistas de seguridad de la información

Dynamic Application Security Testing (DAST) skill for the GRIMSEC DevSecOps agent suite (Agent 7). Performs runtime vulnerability detection on running web applications using Nuclei and OWASP ZAP. Use when performing DAST, dynamic testing, black-box scanning, web application security testing, ZAP scanning, Nuclei scanning, OWASP testing, or runtime vulnerability detection against a live target URL or Docker-hosted application.

2026-04-13
exploit-validation-agent
Analistas de seguridad de la información

GRIMSEC Agent 8 — Exploit Validation Agent. Use when validating security findings from devsecops-repo-analyzer with Real Risk Score >= 7. Generates proof-of-concept exploits, proves exploitability through static analysis and code tracing, and produces structured validation reports. Triggered by keywords: exploit validation, PoC generation, prove exploitability, validate finding, RRS >= 7, reachability-analysis.json, grimsec validation, devsecops exploit, security finding confirmation.

2026-04-13
code-understanding-agent
Analistas de seguridad de la información

GRIMSEC Agent 9 — adversarial code comprehension for the DevSecOps suite. Use when asked to map attack surfaces, trace data flows from source to sink, hunt for vulnerability variants, or explain the security model of a framework. Trigger phrases: understand code, map attack surface, trace dataflow, hunt variants, explain framework security, /understand, code comprehension, entry points, dangerous sinks, taint analysis, reachability analysis.

2026-04-13
iac-policy-agent
Analistas de seguridad de la información

GRIMSEC Agent 10 — Infrastructure-as-Code security scanning and policy enforcement. Use when asked to scan IaC files, run Checkov, evaluate OPA/Rego policies, generate SBOMs, map compliance controls, or audit Terraform, Kubernetes, Docker, CloudFormation, Ansible, or GitHub Actions configurations. Trigger phrases include: scan infrastructure code, check IaC security, run Checkov, evaluate Rego policies, CIS benchmark compliance, SOC2 IaC controls, NIST 800-53 infrastructure, policy enforcement, SBOM generation, Dockerfile security, K8s security policies, Terraform security review.

2026-04-13
oss-forensics-agent
Analistas de seguridad de la información

GRIMSEC Agent 11: Evidence-backed forensic investigation of open-source GitHub repositories. Use when investigating supply chain incidents, suspicious commits, compromised maintainer accounts, backdoor injections, or any open-source security incident. Triggered by phrases like "investigate this repo", "forensic analysis of", "check for supply chain compromise", "was this package backdoored", "analyze suspicious maintainer activity", "oss forensics", or after cicd-pipeline-auditor flags suspicious patterns. Inspired by Raptor's /oss-forensics command.

2026-04-13
adversary-simulation-agent
Analistas de seguridad de la información

GRIMSEC Agent 12 — Adversary Simulation. Orchestrates controlled adversary simulation using RedAmon (autonomous pentest framework) to convert static vulnerability findings into evidence-backed attack narratives. Use when asked to run adversary simulation, penetration testing, red team exercises, exploit proven vulnerabilities, simulate attack chains, produce kill-chain reports, map ATT&CK techniques, generate executive attack narratives, or perform post-exploitation impact assessment. Reads EXPLOITABLE findings from exploit-validation-agent and produces simulation-report.md for executive-reporting-agent.

2026-04-13