Anthropic Cybersecurity Skills

Name: Anthropic Cybersecurity Skills
Author: aradotso

aradotso/security-skills

Give your coding agent MITRE- and NIST-aligned playbooks for incident response, malware analysis, threat hunting, and cloud posture without piecing together ad-hoc security prompts.

Install

npx skills add https://github.com/aradotso/security-skills --skill anthropic-cybersecurity-skills

What is this skill?

754 production-grade cybersecurity skills across 26 security domains
Mapped to MITRE ATT&CK, NIST CSF 2.0, ATLAS, D3FEND, and NIST AI RMF
Structured agentskills.io-style packages per skill with install via npx, clone, or submodule
Trigger coverage from malware and memory forensics to cloud posture and ATT&CK mapping
Designed for AI-driven security operations with framework-aligned guidance

Adoption & trust: 675 installs on skills.sh; 1 GitHub stars; 1/3 security scanners passed (skills.sh audits).

Recommended Skills

Azure Compliancemicrosoft/azure-skills

Azure Compliance is a Microsoft agent skill for solo builders and small teams who need structured security and complianc…373k installs·1.2k stars

Openclaw Secure Linux Cloudxixu-me/skills

OpenClaw Secure Linux Cloud guides a hardened VPS deployment—rootless Podman, loopback-only gateway, SSH-tunneled Contro…201k installs·61 stars

Entra Agent Idmicrosoft/azure-skills

entra-agent-id is a Microsoft-authored agent skill for provisioning and operating OAuth-capable identities tailored to A…99.1k installs·1.2k stars

Firebase Security Rules Auditorfirebase/agent-skills

Firebase Security Rules Auditor turns your agent into a senior penetration-style reviewer for Firestore rulesets. Solo b…40.3k installs·345 stars

Firestore Security Rules Auditorfirebase/agent-skills

Firestore-security-rules-auditor is a checker skill for solo builders and small teams shipping Firebase-backed apps who …20.3k installs·345 stars

Skill Vetteruseai-pro/openclaw-skills-security

Skill Vetter is a security-first OpenClaw agent skill that makes your coding agent behave like a pre-install auditor for…19.2k installs·62 stars

Journey fit

Primary fit

Canonical shelf is Ship → Security because triggers center on investigation, malware, forensics, threat hunting, and incident response—work you run before and after production issues escalate. Security subphase fits structured IR, ATT&CK mapping, and posture checks rather than generic app testing or launch distribution.

Common Questions / FAQ

Is Anthropic Cybersecurity Skills safe to install?

skills.sh reports 1 of 3 security scanners passed. Review the Security Audits panel on this page before installing in production.

SKILL.md

READMESKILL.md - Anthropic Cybersecurity Skills

# anthropic-cybersecurity-skills

> Skill by [ara.so](https://ara.so) — Security Skills collection.

## Overview

The Anthropic Cybersecurity Skills library provides 754 production-grade cybersecurity skills spanning 26 security domains. Each skill is structured following the agentskills.io standard and mapped to five industry frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF. This enables AI agents to perform security operations with expert-level guidance.

## Installation

```bash
# Option 1: Using npx (recommended)
npx skills add mukul975/Anthropic-Cybersecurity-Skills

# Option 2: Git clone
git clone https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
cd Anthropic-Cybersecurity-Skills

# Option 3: Add as submodule
git submodule add https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git skills/cybersecurity
```

## Directory Structure

```
skills/
├── {skill-name}/
│   ├── SKILL.md              # Skill definition with YAML frontmatter
│   ├── references/
│   │   ├── standards.md      # Framework mappings
│   │   └── workflows.md      # Technical procedures
│   ├── scripts/
│   │   └── *.py              # Helper scripts
│   └── assets/
│       └── *.md              # Templates and checklists
```

## Discovering Skills

### By Domain

Skills are organized into 26 domains. List all domains:

```python
import os
import yaml

def list_domains():
    domains = {}
    for skill_dir in os.listdir('skills'):
        skill_path = f'skills/{skill_dir}/SKILL.md'
        if os.path.exists(skill_path):
            with open(skill_path, 'r') as f:
                content = f.read()
                # Extract YAML frontmatter
                if content.startswith('---'):
                    yaml_end = content.find('---', 3)
                    frontmatter = yaml.safe_load(content[3:yaml_end])
                    domain = frontmatter.get('domain', 'unknown')
                    subdomain = frontmatter.get('subdomain', 'general')
                    
                    if domain not in domains:
                        domains[domain] = {}
                    if subdomain not in domains[domain]:
                        domains[domain][subdomain] = []
                    domains[domain][subdomain].append(frontmatter['name'])
    
    return domains

# Usage
domains = list_domains()
for domain, subdomains in domains.items():
    print(f"\n{domain.upper()}")
    for subdomain, skills in subdomains.items():
        print(f"  {subdomain}: {len(skills)} skills")
```

### By Framework Mapping

Find skills mapped to specific ATT&CK techniques:

```python
def find_by_attack_technique(technique_id):
    """Find skills mapped to a specific ATT&CK technique"""
    matching_skills = []
    
    for skill_dir in os.listdir('skills'):
        skill_path = f'skills/{skill_dir}/SKILL.md'
        if os.path.exists(skill_path):
            with open(skill_path, 'r') as f:
                content = f.read()
                if content.startswith('---'):
                    yaml_end = content.find('---', 3)
                    frontmatter = yaml.safe_load(content[3:yaml_end])
                    
                    # Check ATT&CK mappings in references
                    refs_path = f'skills/{skill_dir}/references/standards.md'
                    if os.path.exists(refs_path):
                        with open(refs_path, 'r') as ref_file:
                            if technique_id in ref_

What is this skill?

754 production-grade cybersecurity skills across 26 security domains

Mapped to MITRE ATT&CK, NIST CSF 2.0, ATLAS, D3FEND, and NIST AI RMF

Structured agentskills.io-style packages per skill with install via npx, clone, or submodule

Trigger coverage from malware and memory forensics to cloud posture and ATT&CK mapping

Designed for AI-driven security operations with framework-aligned guidance

Adoption & trust: 675 installs on skills.sh; 1 GitHub stars; 1/3 security scanners passed (skills.sh audits).

Journey fit

Primary fit

SKILL.md

READMESKILL.md - Anthropic Cybersecurity Skills

# anthropic-cybersecurity-skills

> Skill by [ara.so](https://ara.so) — Security Skills collection.

## Overview

The Anthropic Cybersecurity Skills library provides 754 production-grade cybersecurity skills spanning 26 security domains. Each skill is structured following the agentskills.io standard and mapped to five industry frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF. This enables AI agents to perform security operations with expert-level guidance.

## Installation

```bash
# Option 1: Using npx (recommended)
npx skills add mukul975/Anthropic-Cybersecurity-Skills

# Option 2: Git clone
git clone https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
cd Anthropic-Cybersecurity-Skills

# Option 3: Add as submodule
git submodule add https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git skills/cybersecurity
```

## Directory Structure

```
skills/
├── {skill-name}/
│   ├── SKILL.md              # Skill definition with YAML frontmatter
│   ├── references/
│   │   ├── standards.md      # Framework mappings
│   │   └── workflows.md      # Technical procedures
│   ├── scripts/
│   │   └── *.py              # Helper scripts
│   └── assets/
│       └── *.md              # Templates and checklists
```

## Discovering Skills

### By Domain

Skills are organized into 26 domains. List all domains:

```python
import os
import yaml

def list_domains():
    domains = {}
    for skill_dir in os.listdir('skills'):
        skill_path = f'skills/{skill_dir}/SKILL.md'
        if os.path.exists(skill_path):
            with open(skill_path, 'r') as f:
                content = f.read()
                # Extract YAML frontmatter
                if content.startswith('---'):
                    yaml_end = content.find('---', 3)
                    frontmatter = yaml.safe_load(content[3:yaml_end])
                    domain = frontmatter.get('domain', 'unknown')
                    subdomain = frontmatter.get('subdomain', 'general')
                    
                    if domain not in domains:
                        domains[domain] = {}
                    if subdomain not in domains[domain]:
                        domains[domain][subdomain] = []
                    domains[domain][subdomain].append(frontmatter['name'])
    
    return domains

# Usage
domains = list_domains()
for domain, subdomains in domains.items():
    print(f"\n{domain.upper()}")
    for subdomain, skills in subdomains.items():
        print(f"  {subdomain}: {len(skills)} skills")
```

### By Framework Mapping

Find skills mapped to specific ATT&CK techniques:

```python
def find_by_attack_technique(technique_id):
    """Find skills mapped to a specific ATT&CK technique"""
    matching_skills = []
    
    for skill_dir in os.listdir('skills'):
        skill_path = f'skills/{skill_dir}/SKILL.md'
        if os.path.exists(skill_path):
            with open(skill_path, 'r') as f:
                content = f.read()
                if content.startswith('---'):
                    yaml_end = content.find('---', 3)
                    frontmatter = yaml.safe_load(content[3:yaml_end])
                    
                    # Check ATT&CK mappings in references
                    refs_path = f'skills/{skill_dir}/references/standards.md'
                    if os.path.exists(refs_path):
                        with open(refs_path, 'r') as ref_file:
                            if technique_id in ref_

Install

What is this skill?

Recommended Skills

Journey fit

Is Anthropic Cybersecurity Skills safe to install?

SKILL.md

This week for builders

Install

What is this skill?

Recommended Skills

Journey fit

Is Anthropic Cybersecurity Skills safe to install?

SKILL.md