owasp-cicd
OWASP® CI/CD Top 10 — Skill Entry
This SKILL.md is the entrypoint for the OWASP CI/CD Top 10 skill.
The skill encodes the OWASP Top 10 CI/CD Security Risks as structured, machine-readable references that an agent can query to identify, assess, and remediate CI/CD pipeline security risks.
Normative references (CI/CD Top 10)
- 00 Vulnerability Index
- 01 Insufficient Flow Control Mechanisms
- 02 Inadequate Identity and Access Management
- 03 Dependency Chain Abuse
- 04 Poisoned Pipeline Execution
- 05 Insufficient PBAC
- 06 Insufficient Credential Hygiene
- 07 Insecure System Configuration
- 08 Ungoverned Usage of 3rd Party Services
- 09 Improper Artifact Integrity Validation
More from microsoft/hve-core
powerpoint
PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling - Brought to you by microsoft/hve-core
113hve-core-installer
Decision-driven installer for HVE-Core with 6 clone-based installation methods, extension quick-install, environment detection, and agent customization workflows - Brought to you by microsoft/hve-core
21owasp-top-10
OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core.
20video-to-gif
Video-to-GIF conversion skill with FFmpeg two-pass optimization - Brought to you by microsoft/hve-core
16gitlab
Manage GitLab merge requests and pipelines with a Python CLI - Brought to you by microsoft/hve-core
15owasp-agentic
OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems - Brought to you by microsoft/hve-core.
15