secure | secure | ClaudePluginHub

Skill

Community

secure

0

Description

Find and fix security issues before they become incidents. Vulnerability scanning, SBOM generation, supply chain security, and secure authentication workflows.

AI Summary

Find and fix security vulnerabilities with automated scanning, SBOM generation, and supply chain analysis. Use when you need to identify CVEs, audit dependencies, or implement secure authentication workflows before deployment.

Install

1

Add the repository(one-time)

$

/plugin marketplace add adaptive-enforcement-lab/claude-skills

2

Install the plugin

$

/plugin install secure@ael-skills

Tool Access

This skill inherits all available tools. When active, it can use any tool Claude has access to.

Supporting Assets

View in Repository

examples.md

scripts/example-1.yaml

scripts/example-2.yaml

scripts/example-3.yaml

Skill Content

Secure

When to Use This Skill

This section covers the tools and practices for discovering and remediating security issues in code, dependencies, containers, and supply chains.

Implementation

Start with GitHub Apps: Replace PATs with secure, auditable authentication
Add vulnerability scanning: Catch known CVEs before they deploy
Generate SBOMs: Document your supply chain for compliance
Run Scorecard: Measure and improve security posture
Layer on enforcement: Make findings actionable with Enforce patterns

Comparison

Understanding the distinction:

Secure (this section): Find and fix security issues
- Vulnerability scanners that identify CVEs
- SBOM generators that document dependencies
- Security tools that discover weaknesses
- GitHub Apps that provide secure authentication
Enforce (see Enforce): Make security mandatory through automation
- Branch protection that requires reviews
- Pre-commit hooks that block violations
- Status checks that prevent merges
- Policy-as-code that enforces runtime compliance

Litmus test: Can this be bypassed?

If no → It's a Secure tool (finding/fixing)
If yes → It belongs in Enforce (making mandatory)

Examples

See examples.md for code examples.

Related Patterns

Enforce
Build
Patterns

References

Links

GitHub Stats

0 forks

Updated 4 days ago

Similar Skills

gitops-workflow

Implement GitOps workflows with ArgoCD and Flux for automated, declarative Kubernetes deployments with continuous reconciliation. Use when implementing GitOps practices, automating Kubernetes deployments, or setting up declarative infrastructure management.

kubernetes-operations

24.8k

helm-chart-scaffolding

Design, organize, and manage Helm charts for templating and packaging Kubernetes applications with reusable configurations. Use when creating Helm charts, packaging Kubernetes applications, or implementing templated deployments.

kubernetes-operations

24.8k

k8s-manifest-generator

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

kubernetes-operations

24.8k