cis-controls

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill describes using various shell commands for security auditing and management tasks. It utilizes the GitHub CLI (gh) to inspect organization members, repository collaborators, and audit logs. It also includes commands for repository backups using git clone and local web server hosting for link validation.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the use of external security and validation tools. It includes instructions to install Node.js packages (htmlhint, csslint, linkinator) and references several external GitHub Actions for malware scanning (dell/common-github-actions/malware-scanner) and dependency analysis (dependency-check/Dependency-Check_Action). It also uses a Docker image from OWASP for penetration testing.
  • [DATA_EXFILTRATION]: While the skill accesses organization-level metadata and audit logs via GitHub APIs, these operations are part of a legitimate security auditing process for the vendor's own resources. These actions target well-known services and are appropriate for the intended security hardening use case.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 05:52 PM