Does this skill fix security issues automatically?

The skill identifies vulnerabilities and provides specific remediation advice, allowing you to review and apply the recommended changes securely.

What types of files can this skill analyze?

It can analyze infrastructure-as-code files like Terraform and CloudFormation, as well as application configuration files such as .yml, .json, and .env.

Can I use this for cloud security audits?

Yes, it is designed to check cloud resource configurations for issues like publicly accessible buckets, insecure network settings, and overly permissive IAM roles.

Is this skill useful for DevOps pipelines?

Absolutely. It is ideal for pre-deployment checks to ensure that security misconfigurations are caught and fixed before code is pushed to production.

Security Misconfiguration Finder

Name: Security Misconfiguration Finder
Author: BbgnsurfTech

byBbgnsurfTech

•

セキュリティとテスト

Audits configuration files and system settings to proactively identify and remediate security vulnerabilities and compliance issues.

概要

This skill empowers Claude to perform automated security audits by analyzing infrastructure-as-code files, application configurations, and system settings for common weaknesses. By leveraging the security-misconfiguration-finder plugin, it helps developers and DevOps teams detect insecure defaults, exposed secrets, and non-compliant network settings early in the development lifecycle. Whether you are reviewing Terraform plans, CloudFormation templates, or application YAML files, this skill provides actionable remediation advice to strengthen your overall security posture and ensure alignment with industry best practices.

主な機能

Deep analysis of application configuration files like YAML and JSON
Detection of insecure defaults and missing security headers
Compliance auditing against industry security best practices
Actionable remediation recommendations for identified vulnerabilities
Automated IaC scanning for Terraform and CloudFormation
3 GitHub stars

ユースケース

Checking system settings for password policy and access control compliance
Pre-deployment security audit of infrastructure-as-code scripts
Identifying exposed API keys or credentials in local configuration files

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection security-misconfiguration-finder

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要