mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-18 21:49:40 +03:00
Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
This commit is contained in:
@@ -26,7 +26,7 @@ def get_domain_controllers():
|
||||
"""Get list of legitimate domain controller machine accounts."""
|
||||
cmd = ["powershell", "-Command",
|
||||
"Get-ADDomainController -Filter * | Select-Object Name, IPv4Address | ConvertTo-Json"]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
|
||||
dcs = []
|
||||
try:
|
||||
data = json.loads(result.stdout) if result.stdout else []
|
||||
@@ -52,7 +52,7 @@ def query_event_4662(evtx_path=None, max_events=5000):
|
||||
else:
|
||||
cmd = ["wevtutil", "qe", "Security",
|
||||
"/q:*[System[EventID=4662]]", "/f:xml", f"/c:{max_events}"]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
|
||||
for event_xml in re.findall(r"<Event.*?</Event>", result.stdout, re.DOTALL):
|
||||
try:
|
||||
root = ET.fromstring(event_xml)
|
||||
@@ -154,7 +154,7 @@ def check_replication_acls():
|
||||
"Where-Object {$_.ObjectType -eq '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' -or "
|
||||
"$_.ObjectType -eq '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2'} | "
|
||||
"Select-Object IdentityReference, ActiveDirectoryRights | ConvertTo-Json"]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
|
||||
try:
|
||||
acls = json.loads(result.stdout) if result.stdout else []
|
||||
if isinstance(acls, dict):
|
||||
|
||||
Reference in New Issue
Block a user