一键导入
owasp-cicd
OWASP CI/CD Top 10 knowledge base for identifying, assessing, and remediating CI/CD pipeline security risks.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
OWASP CI/CD Top 10 knowledge base for identifying, assessing, and remediating CI/CD pipeline security risks.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Canonical documentation capability for audit, drift, validate, and author modes in hve-core.
Text-to-speech voice-over generation from YAML speaker notes using Azure Speech SDK with SSML pronunciation control
PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling
Authors Vally conformance tests for prompts, instructions, agents, and skills, including refusals for jailbreak, prompt-injection, harmful-elicitation, TOS, CoC, and PII-extraction stimuli
Manage GitLab merge requests and pipelines with a Python CLI
Jira issue workflows for search, issue updates, transitions, comments, and field discovery via the Jira REST API. Use when you need to search with JQL, inspect an issue, create or update work items, move an issue between statuses, post comments, or discover required fields for issue creation.
| name | owasp-cicd |
| description | OWASP CI/CD Top 10 knowledge base for identifying, assessing, and remediating CI/CD pipeline security risks. |
| license | CC-BY-SA-4.0 |
| user-invocable | false |
| metadata | {"authors":"OWASP CI/CD Security Project","spec_version":"1.0","framework_revision":"1.0.0","last_updated":"2026-02-16","skill_based_on":"https://github.com/chris-buckley/agnostic-prompt-standard","content_based_on":"https://owasp.org/www-project-top-10-ci-cd-security-risks/"} |
This SKILL.md is the entrypoint for the OWASP CI/CD Top 10 skill.
The skill encodes the OWASP Top 10 CI/CD Security Risks as structured, machine-readable references that an agent can query to identify, assess, and remediate CI/CD pipeline security risks.
SKILL.md — this file (skill entrypoint).references/ — the CI/CD Top 10 normative documents.
00-vulnerability-index.md — index of all vulnerability identifiers, categories, and cross-references.01 through 10 — one document per vulnerability aligned with OWASP CI/CD Security numbering.Copyright © OWASP Foundation. OWASP® Top 10 CI/CD Security Risks content is derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://owasp.org/www-project-top-10-ci-cd-security-risks/ Modifications: Vulnerability descriptions restructured into agent-consumable reference documents with added detection and remediation guidance. OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.