Skip to main content
Ejecuta cualquier Skill en Manus
con un clic
Repositorio de GitHub

claude-sec

claude-sec contiene 2 skills recopiladas de ComposableSecurity, con cobertura ocupacional por repositorio y páginas de detalle dentro del sitio.

skills recopiladas
2
Stars
3
actualizado
2026-06-09
Forks
1
Cobertura ocupacional
1 categorías ocupacionales · 100% clasificado
explorador de repositorios

Skills en este repositorio

claude-sec-fill-deny-paths
Analistas de seguridad de la información

Scans this project's workspace for credential- and secret-shaped files and populates `.claude/hardening/deny-workspace-paths.txt` with the agreed list, so Claude Code's file tools cannot touch them afterwards. Run this skill once on a fresh project, after `claude-sec .` has installed the hardening template and before any other significant work. The skill can ONLY run when `deny-workspace-paths.txt` has no active rules yet — if the file already has rules, the skill refuses and explains that the file must be cleared first. After the write, the file-access policy seals the `.claude/` directory from Claude Code's file tools. Trigger phrases include "fill deny paths", "scan for sensitive files", "populate the workspace deny list", "run the deny-paths skill", or any first-turn question on a fresh project about which files should be hidden from Claude.

2026-06-09
claude-sec-generate-security-guidance
Analistas de seguridad de la información

Generates a `claude-security-guidance.md` file at the project root. The Anthropic `security-guidance` plugin loads it as additional context during its model-backed code reviews. The skill first checks whether the plugin is enabled in `.claude/settings.json`; if not, it tells the user to run `claude-sec configure`, enable the plugin, and then rerun this skill. When the plugin is enabled, the skill reads the project's own docs (README, SECURITY.md, dependency manifests, architecture docs, optionally a website / docs URL), runs an industry / stack interview when the repo lacks enough context, drafts the file with concrete threat-model and review-checklist sections tailored to the project, and saves it after the user reviews and approves. Trigger phrases include "generate security guidance", "write claude-security-guidance", "create the security guidance file", or any question about giving the security-guidance plugin a project-specific threat model.

2026-06-09