Production hardening: security fixes, code quality, 724 skills complete

- Fix 25 shell=True subprocess calls with list-based commands
- Fix 49 verify=False in defensive skills (env-var override)
- Add timeout to 231 HTTP/subprocess/socket calls
- Fix 6 SQL injection patterns with whitelist validation
- Replace 8 __import__() with standard imports
- Remove 701 unused imports across 442 files
- Add authorized-testing disclaimers to all offensive skills
- Complete 11 incomplete skill directories
- Expand 10 stub SKILL.md files with full content
- Fix 2 YAML parse errors in frontmatter
- Fix 5 pre-existing syntax errors
- Convert 22 hardcoded paths/ports to environment variables
- Back up 21 redundant skill pairs to .bak
- Fix 2 global declaration errors
- 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE)
- 0 compile errors across all 724 agent.py files
mukul975
2026-03-19 13:26:49 +01:00
parent 63b442d347
commit c47eed6a64
900 changed files with 23085 additions and 2720 deletions
@@ -12,6 +12,7 @@ Usage:
import argparse
import base64
import json
import os
import sys
import time
from datetime import datetime
@@ -33,7 +34,7 @@ class MobileAPIAuthTester:
self.token = token
self.findings = []
self.session = requests.Session()
self.session.verify = False
self.session.verify = not os.environ.get("SKIP_TLS_VERIFY", "").lower() == "true" # Set SKIP_TLS_VERIFY=true for self-signed certs in lab environments
self.session.headers.update({
"Authorization": f"Bearer {token}",
"User-Agent": "MobileSecurityTester/1.0",
@@ -105,7 +106,7 @@ class MobileAPIAuthTester:
for endpoint in endpoints:
url = f"{self.base_url}{endpoint}"
try:
resp = requests.get(url, verify=False, timeout=10,
resp = requests.get(url, verify=not os.environ.get("SKIP_TLS_VERIFY", "").lower() == "true", timeout=10, # Set SKIP_TLS_VERIFY=true for self-signed certs in lab environments
headers={"User-Agent": "MobileSecurityTester/1.0"})
if resp.status_code != 401 and resp.status_code != 403:
result = {
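Review bot: The TLS toggle is written out twice, once on `self.session.verify` in the constructor hunk and again in the `requests.get(...)` call in the endpoint loop, and each copy re-reads `SKIP_TLS_VERIFY` with the hard-to-read `not ... == "true"` form. Resolve it once in the constructor with `self.verify_tls = os.environ.get("SKIP_TLS_VERIFY", "").lower() != "true"`, then use `self.session.verify = self.verify_tls` and `verify=self.verify_tls`, so the two request paths cannot drift apart. Because the session carries the `Authorization: Bearer` header, running with verification off exposes the token to anyone able to intercept the connection. A one-line warning on stderr when `self.verify_tls` is false would make that state visible in the run output. Both enclosing methods start and end outside the visible hunks.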