mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-16 12:45:17 +03:00
Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
This commit is contained in:
@@ -0,0 +1,56 @@
|
||||
# API Reference: GitLab CI DevSecOps Pipeline
|
||||
|
||||
## GitLab Security Templates
|
||||
| Template | Stage |
|
||||
|----------|-------|
|
||||
| `Security/SAST.gitlab-ci.yml` | Static analysis |
|
||||
| `Security/DAST.gitlab-ci.yml` | Dynamic testing |
|
||||
| `Security/Dependency-Scanning.gitlab-ci.yml` | Dependency audit |
|
||||
| `Security/Container-Scanning.gitlab-ci.yml` | Container scan |
|
||||
| `Security/Secret-Detection.gitlab-ci.yml` | Secret detection |
|
||||
| `Security/IaC-Scanning.gitlab-ci.yml` | IaC security |
|
||||
|
||||
## .gitlab-ci.yml Structure
|
||||
```yaml
|
||||
include:
|
||||
- template: Security/SAST.gitlab-ci.yml
|
||||
- template: Security/Secret-Detection.gitlab-ci.yml
|
||||
stages:
|
||||
- build
|
||||
- test
|
||||
- security
|
||||
- deploy
|
||||
variables:
|
||||
SECURE_LOG_LEVEL: info
|
||||
```
|
||||
|
||||
## GitLab CI Lint API
|
||||
```
|
||||
POST /api/v4/projects/:id/ci/lint
|
||||
PRIVATE-TOKEN: your-token
|
||||
Body: {"content": "yaml-string"}
|
||||
```
|
||||
|
||||
## Security Variables
|
||||
| Variable | Description |
|
||||
|----------|-------------|
|
||||
| `SAST_DEFAULT_ANALYZERS` | Comma-separated analyzer list |
|
||||
| `SAST_EXCLUDED_ANALYZERS` | Analyzers to skip |
|
||||
| `CS_IMAGE` | Container image to scan |
|
||||
| `DAST_WEBSITE` | Target URL for DAST |
|
||||
| `SECRET_DETECTION_HISTORIC_SCAN` | Scan full history |
|
||||
|
||||
## Vulnerability Report API
|
||||
```
|
||||
GET /api/v4/projects/:id/vulnerability_findings
|
||||
```
|
||||
|
||||
## Security Scanning Tools
|
||||
| Tool | Type | Language |
|
||||
|------|------|----------|
|
||||
| Semgrep | SAST | Multi-language |
|
||||
| Bandit | SAST | Python |
|
||||
| Trivy | Container | Container images |
|
||||
| Gitleaks | Secret | Git history |
|
||||
| KICS | IaC | Terraform/CloudFormation |
|
||||
| ZAP | DAST | Web applications |
|
||||
Reference in New Issue
Block a user