
Security Suite
Run composable static, dynamic, and contract-based security primitives on binaries you own and emit a structured security report for policy gates.
Overview
Security Suite is an agent skill for the Ship phase that runs composable static, dynamic, and contract security primitives on authorized binaries and repo surfaces to produce policy-ready security reports.
Install
npx skills add https://github.com/boshu2/agentops --skill security-suite
What is this skill?
- Five named primitives: collect-static, collect-dynamic, collect-contract, compare-baseline, enforce-policy
- Separates concerns so security workflows stay testable and reusable
- Produces security-report.json per skill output contract
- Guardrails: authorized binaries and repo-managed surfaces only—no bypass of legal restrictions
- Behavioral assurance and policy gating over ad-hoc one-off reverse engineering
Adoption & trust: 718 installs on skills.sh; 384 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You need consistent internal security signals on a binary or tool surface, but one-off scripts and opaque reverse-engineering do not scale or stay authorized.
Who is it for?
Builders shipping CLIs or agent ops binaries who want modular assurance on code they control or are explicitly authorized to test.
Skip if: your use case is unauthorized third-party binary analysis or DRM circumvention, or your team only needs a generic dependency CVE scanner with no behavioral contract.
When should I use this skill?
When you need repeatable, authorized security or internal-testing workflows on binaries you own or may assess, with structured security-report output.
What do I get? / Deliverables
You get a structured security-report.json and repeatable primitive steps you can baseline, compare on drift, and feed into enforce-policy gates.
- security-report.json aligned to the skill output contract
- Baseline comparison and policy enforcement verdict inputs
Journey fit
Authorized assurance and internal testing belong on the Ship shelf before you trust a binary or prompt surface in wider distribution. The skill groups repeatable security primitives (not a single linter rule) under internal testing and supply-chain-style review.
How it compares
Composable authorized assurance primitives—not a passive SAST-only linter skill or a marketing security checklist.
Common Questions / FAQ
Who is security-suite for?
Indie and small-team builders running authorized security and internal testing on their own binaries or explicitly permitted targets, often alongside agentops-style repo context.
When should I use security-suite?
In Ship before release or promotion of a binary: collect static and dynamic signals, derive a behavior contract from help surfaces, compare to a baseline, and enforce allowlist policy.
Is security-suite safe to install?
The skill assumes you follow its guardrails on authorization; review the Security Audits panel on this page and never point dynamic collection at systems you do not own or lack permission to exercise.
SKILL.md
# Security Suite

> **Purpose:** Provide composable, repeatable security/internal-testing primitives for authorized binaries and repo-managed prompt surfaces.

This skill separates concerns into primitives so security workflows stay testable and reusable.

## Guardrails

- Use only on binaries you own or are explicitly authorized to assess.
- Do not use this workflow to bypass legal restrictions or extract third-party proprietary content without authorization.
- Prefer behavioral assurance and policy gating over ad-hoc one-off reverse-engineering.

## Primitive Model

1. `collect-static` — file metadata, runtime heuristics, linked libraries, embedded archive signatures.
2. `collect-dynamic` — sandboxed execution trace (processes, file changes, network endpoints).
3. `collect-contract` — machine-readable behavior contract from help-surface probing.
4. `compare-baseline` — current vs baseline contract drift (added/removed commands, runtime change).
5. `enforce-policy` — allowlist/denylist gates and severity-based verdict.
6. `collect-redteam` — offline repo-surface attack-pack scan for prompt-injection, tool-misuse, secret-exfiltration, and unsafe-shell regressions.
7. `run` — thin binary orchestrator that composes primitives and writes suite summary.

## Quick Start

Single run (default dynamic command is `--help`):

```bash
python3 skills/security-suite/scripts/security_suite.py run \
  --binary "$(command -v ao)" \
  --out-dir .tmp/security-suite/ao-current
```

Baseline regression gate:

```bash
python3 skills/security-suite/scripts/security_suite.py run \
  --binary "$(command -v ao)" \
  --out-dir .tmp/security-suite/ao-current \
  --baseline-dir .tmp/security-suite/ao-baseline \
  --fail-on-removed
```

Policy gate:

```bash
python3 skills/security-suite/scripts/security_suite.py run \
  --binary "$(command -v ao)" \
  --out-dir .tmp/security-suite/ao-current \
  --policy-file skills/security-suite/references/policy-example.json \
  --fail-on-policy-fail
```

Repo-surface redteam:

```bash
python3 skills/security-suite/scripts/prompt_redteam.py scan \
  --repo-root . \
  --pack-file skills/security-suite/references/agentops-redteam-pack.json \
  --out-dir .tmp/security-suite-redteam
```

For OWASP Top 10 code-level review, see [references/owasp-checklist.md](references/owasp-checklist.md).

## Recommended Workflow

1. Capture baseline on known-good release.
2. Run suite on candidate binary in CI.
3. Compare against baseline and enforce policy.
4. Block promotion on failing verdict.

## Output Contract

All outputs are written under `--out-dir`:

- `static/static-analysis.json`
- `dynamic/dynamic-analysis.json`
- `contract/contract.json`
- `compare/baseline-diff.json` (when baseline supplied)
- `policy/policy-verdict.json` (when policy supplied)
- `suite-summary.json`
- `redteam/redteam-results.json` (when repo-surface redteam is run)

This output structure is intentionally machine-consumable for CI gates.

## Policy Model

Use `skills/security-suite/references/policy-example.json` as a starting point.

Supported checks:

- `required_top_level_commands`
- `deny_command_patterns`
- `max_created_files`
- `forbid_file_path_patterns`
- `allow_network_endpoint_patterns`
- `deny_network_endpoint_patterns`
- `block_if_removed_commands`
- `min_command_count`

## Redteam Pack Model

Use [agentops-redteam-pack.json](references/agentops-redteam-pack.json) as the starting point for offline repo-surface redteam checks.

Supported target fiel
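As an added illustration of how the `compare-baseline` and `enforce-policy` primitives from the Policy Model section fit together, the following is editor-written example code, not the project's `security_suite.py`. It assumes a contract shape of `{"commands": [...], "runtime": ...}`, a dynamic-trace shape of `{"created_files": [...], "network_endpoints": [...]}`, and list/int/bool value shapes for the policy keys the page lists; the inputs are constructed.

```python
import re

# Constructed sample inputs (not real suite output); policy value shapes are assumed.
BASELINE = {"commands": ["init", "run", "report"], "runtime": "go"}
CURRENT = {"commands": ["init", "run", "report", "upload"], "runtime": "go"}
DYNAMIC = {"created_files": [".tmp/out.json", "/etc/cron.d/job"],
           "network_endpoints": ["api.example.com:443", "203.0.113.9:4444"]}
POLICY = {
    "required_top_level_commands": ["init", "run"],
    "deny_command_patterns": ["^upload$"],
    "max_created_files": 5,
    "forbid_file_path_patterns": ["^/etc/"],
    "allow_network_endpoint_patterns": [r"\.example\.com:443$"],
    "block_if_removed_commands": True,
    "min_command_count": 2,
}

def compare_baseline(baseline, current):
    """Contract drift: commands added/removed and runtime change."""
    old, new = set(baseline["commands"]), set(current["commands"])
    return {"added_commands": sorted(new - old),
            "removed_commands": sorted(old - new),
            "runtime_changed": baseline.get("runtime") != current.get("runtime")}

def enforce_policy(policy, contract, dynamic, diff):
    """Run every supported check; any 'high' finding fails the gate, 'medium' only warns."""
    hits = []  # (severity, check name, offending value)
    cmds, files = contract["commands"], dynamic["created_files"]
    hits += [("high", "required_top_level_commands", c)
             for c in policy.get("required_top_level_commands", []) if c not in cmds]
    hits += [("high", "deny_command_patterns", c) for c in cmds
             if any(re.search(p, c) for p in policy.get("deny_command_patterns", []))]
    if len(cmds) < policy.get("min_command_count", 0):
        hits.append(("medium", "min_command_count", str(len(cmds))))
    if len(files) > policy.get("max_created_files", len(files)):
        hits.append(("medium", "max_created_files", str(len(files))))
    hits += [("high", "forbid_file_path_patterns", f) for f in files
             if any(re.search(p, f) for p in policy.get("forbid_file_path_patterns", []))]
    allow = policy.get("allow_network_endpoint_patterns")  # None means "no allowlist"
    for ep in dynamic["network_endpoints"]:
        if any(re.search(p, ep) for p in policy.get("deny_network_endpoint_patterns", [])):
            hits.append(("high", "deny_network_endpoint_patterns", ep))
        elif allow is not None and not any(re.search(p, ep) for p in allow):
            hits.append(("high", "allow_network_endpoint_patterns", ep))
    if policy.get("block_if_removed_commands") and diff["removed_commands"]:
        hits.append(("high", "block_if_removed_commands", ",".join(diff["removed_commands"])))
    verdict = "fail" if any(h[0] == "high" for h in hits) else "warn" if hits else "pass"
    return {"verdict": verdict, "findings": hits}
```

With the constructed inputs the candidate fails on three checks (a denied `upload` command, a file written under `/etc/`, and an endpoint outside the allowlist), which is the kind of verdict a CI gate would block on.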