creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-15 15:34:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Browse Source 
Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/testing-mobile-api-authentication/SKILL.md
+19 -8
View File
@@ -1,18 +1,29 @@
---
name: testing-mobile-api-authentication
description: >
Tests authentication and authorization mechanisms in mobile application APIs to identify
broken authentication, insecure token management, session fixation, privilege escalation,
and IDOR vulnerabilities. Use when performing API security assessments against mobile app
backends, testing JWT implementations, evaluating OAuth flows, or assessing session management.
Activates for requests involving mobile API auth testing, token security assessment, OAuth
mobile flow testing, or API authorization bypass.
description: 'Tests authentication and authorization mechanisms in mobile application APIs to identify broken authentication,
insecure token management, session fixation, privilege escalation, and IDOR vulnerabilities. Use when performing API security
assessments against mobile app backends, testing JWT implementations, evaluating OAuth flows, or assessing session management.
Activates for requests involving mobile API auth testing, token security assessment, OAuth mobile flow testing, or API authorization
bypass.
'
domain: cybersecurity
subdomain: mobile-security
author: mahipal
tags: [mobile-security, android, ios, api-security, authentication, penetration-testing]
tags:
- mobile-security
- android
- ios
- api-security
- authentication
- penetration-testing
version: 1.0.0
license: Apache-2.0
nist_csf:
- PR.PS-01
- PR.AA-05
- ID.RA-01
- DE.CM-09
---
# Testing Mobile API Authentication