mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-18 05:29:40 +03:00
8cae0648ec
Demand-driven expansion targeting the fastest-growing 2025-2026 threat and
skills categories (ISC2/WEF/CrowdStrike/Mandiant signals):
- AI Security (NEW domain, 12 skills): LLM red-teaming with garak/PyRIT,
prompt injection (direct/indirect/RAG), MCP tool-poisoning, agentic tool
invocation, guardrails, model/data poisoning, system-prompt leakage,
embedding/vector weaknesses, model extraction, continuous red-teaming
- Supply Chain Security (NEW domain, 5 skills): SBOMs, dependency confusion,
malicious-npm triage, typosquatting, SLSA/Sigstore provenance
- Hardware & Firmware Security (NEW domain, 4 skills): CHIPSEC/UEFI audit,
Secure Boot bypass, TPM measured-boot attestation, ESP bootkit hunting
- Identity (10): Entra ID/ROADtools, GraphRunner, AADInternals, ADCS/Certipy,
shadow credentials, coercion, BloodHound CE, device-code phishing, SSO abuse
- Cloud-native (8): Stratus, Pacu, CloudFox, container escape, K8s RBAC,
Falco, Trivy, kube-bench
- Offensive C2 (6): Sliver, Havoc, NetExec, DPAPI, NTLM relay ESC8, redirectors
- DFIR (6): Hayabusa, Chainsaw, KAPE, Velociraptor, EZ Tools, Plaso
- Backfill (4): OpenCTI, MISP, honeytokens, post-quantum crypto migration
Each skill follows the repo taxonomy (SKILL.md + references/{standards,api-reference}.md
+ scripts/agent.py + LICENSE), with researched real tool commands (no placeholders),
complete frontmatter, and ATT&CK/ATLAS + NIST CSF mappings. Updates README domain
table, skill count, and index.json.
3.1 KiB
3.1 KiB
API and Command Reference
LLM Guard
Pipeline functions
| Function | Signature | Returns |
|---|---|---|
scan_prompt |
scan_prompt(scanners, prompt) |
(sanitized_prompt, results_valid: dict, results_score: dict) |
scan_output |
scan_output(scanners, prompt, output) |
(sanitized_output, results_valid: dict, results_score: dict) |
Input scanners (15)
Anonymize, BanCode, BanCompetitors, BanSubstrings, BanTopics, Code, Gibberish, InvisibleText, Language, PromptInjection, Regex, Secrets, Sentiment, TokenLimit, Toxicity
Output scanners (20)
BanCode, BanCompetitors, BanSubstrings, BanTopics, Bias, Code, Deanonymize, JSON, Language, LanguageSame, MaliciousURLs, NoRefusal, ReadingTime, FactualConsistency, Gibberish, Regex, Relevance, Sensitive, Sentiment, Toxicity, URLReachability
Common scanner parameters
| Scanner | Key params |
|---|---|
PromptInjection |
threshold=0.5, match_type=MatchType.FULL|SENTENCE |
Toxicity |
threshold=0.5 |
Secrets |
redact_mode="all"|"partial"|"hash" |
Anonymize |
vault, entity_types, hidden_names |
Sensitive |
entity_types, redact=True |
TokenLimit |
limit=4096, encoding_name="cl100k_base" |
Llama Guard 3 (transformers)
| Operation | Call |
|---|---|
| Load tokenizer | AutoTokenizer.from_pretrained("meta-llama/Llama-Guard-3-8B") |
| Load model | AutoModelForCausalLM.from_pretrained(model_id, torch_dtype=torch.bfloat16, device_map="auto") |
| Build prompt | tokenizer.apply_chat_template(chat, return_tensors="pt") |
| Classify | model.generate(input_ids=..., max_new_tokens=100, pad_token_id=0) |
| Output | safe OR unsafe\nS<n> where S1–S14 are MLCommons categories |
Role of last message determines mode: last turn user = prompt classification; last turn assistant = response classification.
NeMo Guardrails
Config structure
config/
config.yml # models, rails, prompts
*.co # Colang flows (dialog/input/output rails)
actions.py # optional custom Python actions
config.yml key sections
| Section | Purpose |
|---|---|
models: |
list of {type, engine, model}; type: main is the app LLM, type: content_safety for Llama Guard |
rails.input.flows |
input-stage flows e.g. self check input, content safety check input $model=content_safety |
rails.output.flows |
output-stage flows e.g. self check output |
prompts: |
task templates (self_check_input, self_check_output) |
Python API
| Call | Purpose |
|---|---|
RailsConfig.from_path("./config") |
Load configuration |
LLMRails(config) |
Instantiate rails engine |
rails.generate(messages=[...]) |
Run input rails → LLM → output rails |
rails.generate_async(...) |
Async variant |
CLI
| Command | Purpose |
|---|---|
nemoguardrails chat --config=./config |
Interactive chat with rails applied |
nemoguardrails server --config=./config |
Start REST server |