Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal

- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-06-14 15:04:56 +03:00 · 2026-03-11 00:22:12 +01:00
parent 27c6414ca5
commit c21af3347e
1244 changed files with 61622 additions and 723 deletions
@@ -0,0 +1,56 @@
+# API Reference: Implementing Infrastructure as Code Security Scanning
+
+## Checkov CLI
+
+```bash
+# Scan Terraform directory
+checkov -d /path/to/tf --framework terraform --output json
+# Scan specific file
+checkov -f main.tf
+# Scan CloudFormation
+checkov -d . --framework cloudformation
+# Scan Kubernetes manifests
+checkov -d . --framework kubernetes
+# Skip specific checks
+checkov -d . --skip-check CKV_AWS_18,CKV_AWS_21
+```
+
+## tfsec CLI
+
+```bash
+# Scan directory
+tfsec /path/to/tf --format json
+# Exclude specific rules
+tfsec . --exclude aws-s3-enable-bucket-logging
+# Minimum severity
+tfsec . --minimum-severity HIGH
+```
+
+## Common IaC Security Checks
+
+| Check ID | Description | Severity |
+|----------|-------------|----------|
+| CKV_AWS_18 | S3 bucket logging | MEDIUM |
+| CKV_AWS_19 | S3 bucket encryption | HIGH |
+| CKV_AWS_23 | Security group open to 0.0.0.0/0 | HIGH |
+| CKV_AWS_41 | RDS encryption | HIGH |
+| CKV_AWS_145 | KMS key rotation | MEDIUM |
+| CKV_K8S_1 | Pod privileged container | CRITICAL |
+
+## GitHub Actions Integration
+
+```yaml
+- uses: bridgecrewio/checkov-action@master
+  with:
+    directory: .
+    framework: terraform
+    output_format: sarif
+    soft_fail: false
+```
+
+### References
+
+- Checkov: https://www.checkov.io/
+- tfsec: https://aquasecurity.github.io/tfsec/
+- KICS: https://kics.io/
+- Bridgecrew: https://www.bridgecrew.io/