Does this skill fix security issues automatically?

The skill identifies vulnerabilities and provides specific remediation advice, allowing you to review and apply the recommended changes securely.

What types of files can this skill analyze?

It can analyze infrastructure-as-code files like Terraform and CloudFormation, as well as application configuration files such as .yml, .json, and .env.

Can I use this for cloud security audits?

Yes, it is designed to check cloud resource configurations for issues like publicly accessible buckets, insecure network settings, and overly permissive IAM roles.

Is this skill useful for DevOps pipelines?

Absolutely. It is ideal for pre-deployment checks to ensure that security misconfigurations are caught and fixed before code is pushed to production.

Security Misconfiguration Finder

Name: Security Misconfiguration Finder
Author: BbgnsurfTech

byBbgnsurfTech

•

セキュリティとテスト

Audits configuration files and system settings to proactively identify and remediate security vulnerabilities and compliance issues.

This skill empowers Claude to perform automated security audits by analyzing infrastructure-as-code files, application configurations, and system settings for common weaknesses. By leveraging the security-misconfiguration-finder plugin, it helps developers and DevOps teams detect insecure defaults, exposed secrets, and non-compliant network settings early in the development lifecycle. Whether you are reviewing Terraform plans, CloudFormation templates, or application YAML files, this skill provides actionable remediation advice to strengthen your overall security posture and ensure alignment with industry best practices.

主な機能

01Deep analysis of application configuration files like YAML and JSON

02Detection of insecure defaults and missing security headers

03Compliance auditing against industry security best practices

04Actionable remediation recommendations for identified vulnerabilities

05Automated IaC scanning for Terraform and CloudFormation

063 GitHub stars

ユースケース

01Checking system settings for password policy and access control compliance

02Pre-deployment security audit of infrastructure-as-code scripts

03Identifying exposed API keys or credentials in local configuration files

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection security-misconfiguration-finder

For use in Claude.ai and ChatGPT

Download Skill

主な機能

01Deep analysis of application configuration files like YAML and JSON

02Detection of insecure defaults and missing security headers

03Compliance auditing against industry security best practices

04Actionable remediation recommendations for identified vulnerabilities

05Automated IaC scanning for Terraform and CloudFormation

063 GitHub stars

ユースケース

01Checking system settings for password policy and access control compliance

02Pre-deployment security audit of infrastructure-as-code scripts

03Identifying exposed API keys or credentials in local configuration files

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection security-misconfiguration-finder

For use in Claude.ai and ChatGPT

Download Skill