mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-13 10:55:17 +03:00
Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
This commit is contained in:
@@ -3,6 +3,7 @@
|
||||
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
import argparse
|
||||
from datetime import datetime
|
||||
|
||||
@@ -60,14 +61,16 @@ def launch_nessus_scan(nessus_url, api_keys, scan_name, targets):
|
||||
},
|
||||
}
|
||||
resp = requests.post(
|
||||
f"{nessus_url}/scans", headers=headers, json=scan_config, verify=False, timeout=30
|
||||
f"{nessus_url}/scans", headers=headers, json=scan_config,
|
||||
verify=not os.environ.get("SKIP_TLS_VERIFY", "").lower() == "true", timeout=30 # Set SKIP_TLS_VERIFY=true for self-signed certs in lab environments
|
||||
)
|
||||
resp.raise_for_status()
|
||||
scan_id = resp.json()["scan"]["id"]
|
||||
logger.info("Nessus scan created: ID %d", scan_id)
|
||||
|
||||
requests.post(
|
||||
f"{nessus_url}/scans/{scan_id}/launch", headers=headers, verify=False, timeout=30
|
||||
f"{nessus_url}/scans/{scan_id}/launch", headers=headers,
|
||||
verify=not os.environ.get("SKIP_TLS_VERIFY", "").lower() == "true", timeout=30 # Set SKIP_TLS_VERIFY=true for self-signed certs in lab environments
|
||||
)
|
||||
logger.info("Nessus scan %d launched", scan_id)
|
||||
return scan_id
|
||||
|
||||
Reference in New Issue
Block a user