mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-13 19:05:17 +03:00
Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
This commit is contained in:
@@ -1,11 +1,11 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Agent for managing Falco rules and parsing alerts for container forensics."""
|
||||
|
||||
import os
|
||||
import json
|
||||
import argparse
|
||||
from datetime import datetime
|
||||
import os
|
||||
from collections import defaultdict
|
||||
from datetime import datetime
|
||||
from pathlib import Path
|
||||
|
||||
import yaml
|
||||
@@ -116,7 +116,8 @@ def summarize_alerts(alerts):
|
||||
}
|
||||
|
||||
|
||||
def check_falco_health(falco_url="http://localhost:8765"):
|
||||
def check_falco_health(falco_url=None):
|
||||
falco_url = falco_url or os.environ.get("FALCO_URL", "http://localhost:8765")
|
||||
"""Check Falco health via HTTP endpoint."""
|
||||
try:
|
||||
resp = requests.get(f"{falco_url}/healthz", timeout=5)
|
||||
@@ -126,7 +127,8 @@ def check_falco_health(falco_url="http://localhost:8765"):
|
||||
return {"status": "unreachable", "error": str(e)}
|
||||
|
||||
|
||||
def get_falco_version(falco_url="http://localhost:8765"):
|
||||
def get_falco_version(falco_url=None):
|
||||
falco_url = falco_url or os.environ.get("FALCO_URL", "http://localhost:8765")
|
||||
"""Get Falco version information."""
|
||||
try:
|
||||
resp = requests.get(f"{falco_url}/version", timeout=5)
|
||||
@@ -155,7 +157,7 @@ def main():
|
||||
parser = argparse.ArgumentParser(description="Falco Cloud Native Forensics Agent")
|
||||
parser.add_argument("--alert-file", help="Path to Falco JSON alert log")
|
||||
parser.add_argument("--rules-output", default="custom_falco_rules.yaml")
|
||||
parser.add_argument("--falco-url", default="http://localhost:8765")
|
||||
parser.add_argument("--falco-url", default=os.environ.get("FALCO_URL", "http://localhost:8765"))
|
||||
parser.add_argument("--output", default="falco_report.json")
|
||||
parser.add_argument("--action", choices=[
|
||||
"generate_rules", "parse_alerts", "health", "full_analysis"
|
||||
|
||||
Reference in New Issue
Block a user