fastly-ngwaf

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for security auditing of Fastly NGWAF configurations, identifying potential gaps in protection rules to help prevent Account Takeover (ATO) and carding attacks.
  • [COMMAND_EXECUTION]: Executes a local bash script (assess_ngwaf_rules.sh) that uses standard system utilities like curl and jq. This script performs the audit by fetching configuration data from the Fastly API.
  • [EXTERNAL_DOWNLOADS]: Interacts with Fastly's official API endpoints (api.fastly.com) to retrieve workspace information, rule settings, and recent request logs. These network operations are limited to the vendor's own infrastructure and are necessary for the skill's stated purpose.
  • [CREDENTIALS_UNSAFE]: Uses the FASTLY_API_KEY environment variable for authentication. The skill correctly instructs the user to configure this variable, following standard practices for managing API secrets in CLI tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 04:06 PM