一键导入
security-scan
Analyze security posture across components. Shows vulnerabilities by severity, scanner type, SLA status, and remediation priority.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Analyze security posture across components. Shows vulnerabilities by severity, scanner type, SLA status, and remediation priority.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Generate a CI health report for a component or the entire organization. Uses controller analytics, run history, and security posture.
Create a Jira ticket from a build failure, security finding, or improvement recommendation.
Manage feature flags — list, inspect, enable, disable, or create flags. Supports progressive rollout workflows.
Show a unified view of all CI/CD pipelines across Jenkins, GitHub Actions, and CloudBees Workflows. The cross-tool picture no single tool can provide.
Check release readiness across all components. Verifies CI status, security gates, and feature flag states for a go/no-go decision.
Analyze the latest failed CI run for a component. Identifies failing jobs and steps, reads logs, determines root cause, and classifies the failure.
| name | security-scan |
| description | Analyze security posture across components. Shows vulnerabilities by severity, scanner type, SLA status, and remediation priority. |
| argument-hint | [component-name or 'all'] |
security_issues_all_get — get all open security issues across the org
components_list — get all components for cross-referencing
For each component with findings:
a. branches_list — find the default branch
b. security_findings_summary_get — severity breakdown
c. security_issues_open_get — detailed finding list
d. runs_list(limit=3) — check if recent scans ran successfully
Get org-level security reports:
a. organizations_suborg_report(s1) — components with scanner coverage
b. organizations_suborg_report(s2) — workflows with scanner coverage
c. organizations_suborg_report(s6) — scan types in automations
d. organizations_suborg_report(s8) — SLA status
NOTE: s4 and s5 may return "No Data Found" at the org level.
Use component-level tools instead if this happens.
Present a security dashboard:
Organization Security Posture
| Component | Critical | High | Medium | Low | Scanner | SLA Status |
|---|---|---|---|---|---|---|
| name | N | N | N | N | type | On track |
Scanner coverage: N of M components (X%) Workflow coverage: N of M workflows (X%) Scan types active: SAST / DAST / SCA / Container
For each finding, include: finding type, file path, line number, SLA due date
Rank findings by priority: Critical > High with approaching SLA > High > Medium > Low
Provide remediation recommendations
components_search — find the component
branches_list — find branches
security_findings_summary_get — severity breakdown for default branch
security_issues_open_get — all open issues with details
runs_list(limit=5) — recent scan run history
Present component-level security report with:
Offer next actions: