What is Security Scanning Security Hardening?

Security Scanning Security Hardening is a free, open-source AI agent skill. Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.

How do I install Security Scanning Security Hardening?

Install Security Scanning Security Hardening with a single command: npx mdskills install sickn33/security-scanning-security-hardening. This downloads the skill files into your project and your AI agent picks them up automatically.

What platforms support Security Scanning Security Hardening?

Security Scanning Security Hardening works with Claude Code, Claude Desktop, Cursor, Vscode Copilot, Windsurf, Continue Dev, Codex, Gemini Cli, Amp, Roo Code, Goose, Opencode, Trae, Qodo, Command Code. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.

← Back to skills

Security Scanning Security Hardening

Name: Security Scanning Security Hardening: AI Agent Skill
Rating: 8 (1 reviews)
Author: sickn33

Verified

Intermediate

Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.

by @sickn331 installs0Updated 2 weeks ago

Add this skill

npx mdskills install sickn33/security-scanning-security-hardening

Fork & Edit

Skill Advisor8.0

Comprehensive multi-phase security orchestration with detailed tool prompts and clear success criteria

+Provides actionable prompts for 13 coordinated security phases with specific tools and outputs
+Includes clear trigger conditions, safety guidelines, and measurable success criteria
+Coordinates multiple specialized subagents with context flow between phases
-Relies heavily on external subagent availability without fallback strategies

SKILL.md

Edit in Browser

1---
2name: security-scanning-security-hardening
3description: "Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls."
4---
5 
6Implement comprehensive security hardening with defense-in-depth strategy through coordinated multi-agent orchestration:
7 
8[Extended thinking: This workflow implements a defense-in-depth security strategy across all application layers. It coordinates specialized security agents to perform comprehensive assessments, implement layered security controls, and establish continuous security monitoring. The approach follows modern DevSecOps principles with shift-left security, automated scanning, and compliance validation. Each phase builds upon previous findings to create a resilient security posture that addresses both current vulnerabilities and future threats.]
9 
10## Use this skill when
11 
12- Running a coordinated security hardening program
13- Establishing defense-in-depth controls across app, infra, and CI/CD
14- Prioritizing remediation from scans and threat modeling
15 
16## Do not use this skill when
17 
18- You only need a quick scan without remediation work
19- You lack authorization for security testing or changes
20- The environment cannot tolerate invasive security controls
21 
22## Instructions
23 
241. Execute Phase 1 to establish a security baseline.
252. Apply Phase 2 remediations for high-risk issues.
263. Implement Phase 3 controls and validate defenses.
274. Complete Phase 4 validation and compliance checks.
28 
29## Safety
30 
31- Avoid intrusive testing in production without approval.
32- Ensure rollback plans exist before hardening changes.
33 
34## Phase 1: Comprehensive Security Assessment
35 
36### 1. Initial Vulnerability Scanning
37- Use Task tool with subagent_type="security-auditor"
38- Prompt: "Perform comprehensive security assessment on: $ARGUMENTS. Execute SAST analysis with Semgrep/SonarQube, DAST scanning with OWASP ZAP, dependency audit with Snyk/Trivy, secrets detection with GitLeaks/TruffleHog. Generate SBOM for supply chain analysis. Identify OWASP Top 10 vulnerabilities, CWE weaknesses, and CVE exposures."
39- Output: Detailed vulnerability report with CVSS scores, exploitability analysis, attack surface mapping, secrets exposure report, SBOM inventory
40- Context: Initial baseline for all remediation efforts
41 
42### 2. Threat Modeling and Risk Analysis
43- Use Task tool with subagent_type="security-auditor"
44- Prompt: "Conduct threat modeling using STRIDE methodology for: $ARGUMENTS. Analyze attack vectors, create attack trees, assess business impact of identified vulnerabilities. Map threats to MITRE ATT&CK framework. Prioritize risks based on likelihood and impact."
45- Output: Threat model diagrams, risk matrix with prioritized vulnerabilities, attack scenario documentation, business impact analysis
46- Context: Uses vulnerability scan results to inform threat priorities
47 
48### 3. Architecture Security Review
49- Use Task tool with subagent_type="backend-api-security::backend-architect"
50- Prompt: "Review architecture for security weaknesses in: $ARGUMENTS. Evaluate service boundaries, data flow security, authentication/authorization architecture, encryption implementation, network segmentation. Design zero-trust architecture patterns. Reference threat model and vulnerability findings."
51- Output: Security architecture assessment, zero-trust design recommendations, service mesh security requirements, data classification matrix
52- Context: Incorporates threat model to address architectural vulnerabilities
53 
54## Phase 2: Vulnerability Remediation
55 
56### 4. Critical Vulnerability Fixes
57- Use Task tool with subagent_type="security-auditor"
58- Prompt: "Coordinate immediate remediation of critical vulnerabilities (CVSS 7+) in: $ARGUMENTS. Fix SQL injections with parameterized queries, XSS with output encoding, authentication bypasses with secure session management, insecure deserialization with input validation. Apply security patches for CVEs."
59- Output: Patched code with vulnerability fixes, security patch documentation, regression test requirements
60- Context: Addresses high-priority items from vulnerability assessment
61 
62### 5. Backend Security Hardening
63- Use Task tool with subagent_type="backend-api-security::backend-security-coder"
64- Prompt: "Implement comprehensive backend security controls for: $ARGUMENTS. Add input validation with OWASP ESAPI, implement rate limiting and DDoS protection, secure API endpoints with OAuth2/JWT validation, add encryption for data at rest/transit using AES-256/TLS 1.3. Implement secure logging without PII exposure."
65- Output: Hardened API endpoints, validation middleware, encryption implementation, secure configuration templates
66- Context: Builds upon vulnerability fixes with preventive controls
67 
68### 6. Frontend Security Implementation
69- Use Task tool with subagent_type="frontend-mobile-security::frontend-security-coder"
70- Prompt: "Implement frontend security measures for: $ARGUMENTS. Configure CSP headers with nonce-based policies, implement XSS prevention with DOMPurify, secure authentication flows with PKCE OAuth2, add SRI for external resources, implement secure cookie handling with SameSite/HttpOnly/Secure flags."
71- Output: Secure frontend components, CSP policy configuration, authentication flow implementation, security headers configuration
72- Context: Complements backend security with client-side protections
73 
74### 7. Mobile Security Hardening
75- Use Task tool with subagent_type="frontend-mobile-security::mobile-security-coder"
76- Prompt: "Implement mobile app security for: $ARGUMENTS. Add certificate pinning, implement biometric authentication, secure local storage with encryption, obfuscate code with ProGuard/R8, implement anti-tampering and root/jailbreak detection, secure IPC communications."
77- Output: Hardened mobile application, security configuration files, obfuscation rules, certificate pinning implementation
78- Context: Extends security to mobile platforms if applicable
79 
80## Phase 3: Security Controls Implementation
81 
82### 8. Authentication and Authorization Enhancement
83- Use Task tool with subagent_type="security-auditor"
84- Prompt: "Implement modern authentication system for: $ARGUMENTS. Deploy OAuth2/OIDC with PKCE, implement MFA with TOTP/WebAuthn/FIDO2, add risk-based authentication, implement RBAC/ABAC with principle of least privilege, add session management with secure token rotation."
85- Output: Authentication service configuration, MFA implementation, authorization policies, session management system
86- Context: Strengthens access controls based on architecture review
87 
88### 9. Infrastructure Security Controls
89- Use Task tool with subagent_type="deployment-strategies::deployment-engineer"
90- Prompt: "Deploy infrastructure security controls for: $ARGUMENTS. Configure WAF rules for OWASP protection, implement network segmentation with micro-segmentation, deploy IDS/IPS systems, configure cloud security groups and NACLs, implement DDoS protection with rate limiting and geo-blocking."
91- Output: WAF configuration, network security policies, IDS/IPS rules, cloud security configurations
92- Context: Implements network-level defenses
93 
94### 10. Secrets Management Implementation
95- Use Task tool with subagent_type="deployment-strategies::deployment-engineer"
96- Prompt: "Implement enterprise secrets management for: $ARGUMENTS. Deploy HashiCorp Vault or AWS Secrets Manager, implement secret rotation policies, remove hardcoded secrets, configure least-privilege IAM roles, implement encryption key management with HSM support."
97- Output: Secrets management configuration, rotation policies, IAM role definitions, key management procedures
98- Context: Eliminates secrets exposure vulnerabilities
99 
100## Phase 4: Validation and Compliance
101 
102### 11. Penetration Testing and Validation
103- Use Task tool with subagent_type="security-auditor"
104- Prompt: "Execute comprehensive penetration testing for: $ARGUMENTS. Perform authenticated and unauthenticated testing, API security testing, business logic testing, privilege escalation attempts. Use Burp Suite, Metasploit, and custom exploits. Validate all security controls effectiveness."
105- Output: Penetration test report, proof-of-concept exploits, remediation validation, security control effectiveness metrics
106- Context: Validates all implemented security measures
107 
108### 12. Compliance and Standards Verification
109- Use Task tool with subagent_type="security-auditor"
110- Prompt: "Verify compliance with security frameworks for: $ARGUMENTS. Validate against OWASP ASVS Level 2, CIS Benchmarks, SOC2 Type II requirements, GDPR/CCPA privacy controls, HIPAA/PCI-DSS if applicable. Generate compliance attestation reports."
111- Output: Compliance assessment report, gap analysis, remediation requirements, audit evidence collection
112- Context: Ensures regulatory and industry standard compliance
113 
114### 13. Security Monitoring and SIEM Integration
115- Use Task tool with subagent_type="incident-response::devops-troubleshooter"
116- Prompt: "Implement security monitoring and SIEM for: $ARGUMENTS. Deploy Splunk/ELK/Sentinel integration, configure security event correlation, implement behavioral analytics for anomaly detection, set up automated incident response playbooks, create security dashboards and alerting."
117- Output: SIEM configuration, correlation rules, incident response playbooks, security dashboards, alert definitions
118- Context: Establishes continuous security monitoring
119 
120## Configuration Options
121- scanning_depth: "quick" | "standard" | "comprehensive" (default: comprehensive)
122- compliance_frameworks: ["OWASP", "CIS", "SOC2", "GDPR", "HIPAA", "PCI-DSS"]
123- remediation_priority: "cvss_score" | "exploitability" | "business_impact"
124- monitoring_integration: "splunk" | "elastic" | "sentinel" | "custom"
125- authentication_methods: ["oauth2", "saml", "mfa", "biometric", "passwordless"]
126 
127## Success Criteria
128- All critical vulnerabilities (CVSS 7+) remediated
129- OWASP Top 10 vulnerabilities addressed
130- Zero high-risk findings in penetration testing
131- Compliance frameworks validation passed
132- Security monitoring detecting and alerting on threats
133- Incident response time < 15 minutes for critical alerts
134- SBOM generated and vulnerabilities tracked
135- All secrets managed through secure vault
136- Authentication implements MFA and secure session management
137- Security tests integrated into CI/CD pipeline
138 
139## Coordination Notes
140- Each phase provides detailed findings that inform subsequent phases
141- Security-auditor agent coordinates with domain-specific agents for fixes
142- All code changes undergo security review before implementation
143- Continuous feedback loop between assessment and remediation
144- Security findings tracked in centralized vulnerability management system
145- Regular security reviews scheduled post-implementation
146 
147Security hardening target: $ARGUMENTS
148

Full transparency — inspect the skill content before installing.