security-automation

Automate security operations for scale and efficiency.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "security-automation" with this command: npx skills add bagelhole/devops-security-agent-skills/bagelhole-devops-security-agent-skills-security-automation

Security Automation

Security Pipeline

.github/workflows/security.yml

name: Security Pipeline

on: [push, pull_request]

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      # @main and @master below are mutable refs; pin third-party
      # actions to a full commit SHA before relying on this pipeline.
      - uses: actions/checkout@v4

      - name: Secret Scanning
        uses: trufflesecurity/trufflehog@main

      - name: SAST
        uses: returntocorp/semgrep-action@v1

      - name: Dependency Scan
        run: npm audit --audit-level=high

      - name: Container Scan
        uses: aquasecurity/trivy-action@master
        with:
          # 'fs' scans the checked-out files, not a built image
          scan-type: 'fs'

      - name: Compliance Check
        run: |
          pip install checkov
          checkov -d . --framework terraform

Automated Remediation

Auto-remediation script

import boto3


def remediate_public_s3(bucket_name):
    """Remove public access from S3 bucket."""
    s3 = boto3.client('s3')
    # Turn on all four Block Public Access settings for the bucket
    s3.put_public_access_block(
        Bucket=bucket_name,
        PublicAccessBlockConfiguration={
            'BlockPublicAcls': True,
            'IgnorePublicAcls': True,
            'BlockPublicPolicy': True,
            'RestrictPublicBuckets': True
        }
    )

SOAR Integration

playbook:
  name: Suspicious Login Response
  trigger: alert.type == "suspicious_login"
  actions:
    - enrich_ip:
        source: threat_intel
    - if_condition: ip.is_malicious
      then:
        - block_ip:
            firewall: cloudflare
        - disable_user:
            duration: 1h
    - notify:
        channel: security
    - create_ticket:
        priority: high

Compliance as Code

Checkov custom check

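from checkov.common.models.enums import CheckCategories, CheckResult
from checkov.terraform.checks.resource.base_resource_check import BaseResourceCheck


class S3Encryption(BaseResourceCheck):
    def __init__(self):
        name = "Ensure S3 bucket has encryption enabled"
        id = "CUSTOM_S3_1"
        supported_resources = ['aws_s3_bucket']
        # BaseResourceCheck also requires a category list
        categories = [CheckCategories.ENCRYPTION]
        super().__init__(name=name, id=id, categories=categories,
                         supported_resources=supported_resources)

    def scan_resource_conf(self, conf):
        # Looks only at the inline block on the aws_s3_bucket resource
        if 'server_side_encryption_configuration' in conf:
            return CheckResult.PASSED
        return CheckResult.FAILED


# Instantiate so Checkov registers the check when it loads this file
check = S3Encryption()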

Best Practices

  • Start with high-impact automations

  • Test in staging first

  • Include manual review gates

  • Monitor automation effectiveness

  • Regular rule updates
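
Added example (not part of the upstream SKILL.md): the S3 remediation from the Automated Remediation section wrapped in a drift check and a manual review gate, as the list above recommends. `plan_remediation`, the `approved` flag and `FakeS3` are assumptions introduced here; against a real account, pass `boto3.client('s3')` as `s3`.

```python
# Added example: review gate around the page's put_public_access_block call.
REQUIRED = {
    "BlockPublicAcls": True,
    "IgnorePublicAcls": True,
    "BlockPublicPolicy": True,
    "RestrictPublicBuckets": True,
}

def plan_remediation(s3, bucket_name):
    """Return the settings that differ from REQUIRED (empty dict = compliant)."""
    try:
        resp = s3.get_public_access_block(Bucket=bucket_name)
        current = resp["PublicAccessBlockConfiguration"]
    except Exception as exc:
        # boto3 raises ClientError with this code when no block is configured
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code != "NoSuchPublicAccessBlockConfiguration":
            raise  # access denied, missing bucket, etc.: do not guess
        current = {}
    return {k: v for k, v in REQUIRED.items() if current.get(k) != v}

def remediate_public_s3(s3, bucket_name, approved=False):
    """Apply the block only when drift exists and a reviewer approved it."""
    drift = plan_remediation(s3, bucket_name)
    if not drift:
        return {"bucket": bucket_name, "action": "none", "drift": {}}
    if not approved:
        # Report what would change and leave the bucket untouched
        return {"bucket": bucket_name, "action": "needs_review", "drift": drift}
    s3.put_public_access_block(
        Bucket=bucket_name, PublicAccessBlockConfiguration=dict(REQUIRED)
    )
    return {"bucket": bucket_name, "action": "applied", "drift": drift}

class FakeS3:
    """Constructed in-memory stand-in for boto3.client('s3'), for offline runs."""
    def __init__(self, state):
        self.state = state  # bucket name -> config dict, or None if unset

    def get_public_access_block(self, Bucket):
        if self.state.get(Bucket) is None:
            err = Exception("no public access block")
            err.response = {"Error": {"Code": "NoSuchPublicAccessBlockConfiguration"}}
            raise err
        return {"PublicAccessBlockConfiguration": dict(self.state[Bucket])}

    def put_public_access_block(self, Bucket, PublicAccessBlockConfiguration):
        self.state[Bucket] = dict(PublicAccessBlockConfiguration)
```

The `needs_review` result carries the exact settings that would change, so it can be attached to a ticket or approval request before a second call with `approved=True`.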

Related Skills

  • github-actions - CI/CD automation

  • policy-as-code - Policy enforcement

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
