creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Browse Source 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
This commit is contained in:
mukul975
2026-03-10 21:02:12 +01:00
parent c74d52fa30
commit 27c6414ca5
1390 changed files with 106806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/implementing-api-schema-validation-security/references/api-reference.md
+61
View File
@@ -0,0 +1,61 @@
# API Reference: Implementing API Schema Validation Security
## jsonschema (Python)
```python
import jsonschema
schema = {
"type": "object",
"properties": {
"name": {"type": "string", "maxLength": 100},
"email": {"type": "string", "format": "email"},
},
"required": ["name", "email"],
"additionalProperties": False, # Prevent mass assignment
}
jsonschema.validate(instance=payload, schema=schema)
```
## OpenAPI Security Checks
| Check | Risk | Severity |
|-------|------|----------|
| No request body schema | Injection | HIGH |
| additionalProperties: true | Mass assignment | MEDIUM |
| String without maxLength | Buffer overflow | MEDIUM |
| No response schema | Data exposure | MEDIUM |
| No security scheme | Broken auth | CRITICAL |
| Security explicitly disabled | Unauthenticated access | CRITICAL |
## OpenAPI Schema Best Practices
```yaml
components:
schemas:
User:
type: object
additionalProperties: false
properties:
name:
type: string
maxLength: 100
pattern: "^[a-zA-Z ]+$"
email:
type: string
format: email
maxLength: 255
required: [name, email]
```
## Spectral (OpenAPI Linter)
```bash
spectral lint openapi.yaml --ruleset .spectral.yaml
# Custom security rules in .spectral.yaml
```
### References
- jsonschema: https://python-jsonschema.readthedocs.io/
- OpenAPI 3.0: https://spec.openapis.org/oas/v3.0.3
- Spectral: https://stoplight.io/open-source/spectral