mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-10 21:24:56 +03:00

Files

T

mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders

2026-03-10 21:02:12 +01:00

2.2 KiB

Raw Blame History

API Reference: Implementing Google Workspace Admin Security

Libraries

google-api-python-client + google-auth

Install: pip install google-api-python-client google-auth
Docs: https://developers.google.com/admin-sdk/directory/reference/rest

Admin SDK Directory API

Method	Description
`users().list(domain, projection="full")`	List users with full profile
`users().get(userKey)`	Get specific user details
`users().update(userKey, body)`	Update user settings
`users().list(query="isAdmin=true")`	List admin users
`orgunits().list(customerId)`	List organizational units
`roles().list(customer)`	List admin roles
`roleAssignments().list(customer)`	List role assignments

Reports API (Audit Logs)

Method	Description
`activities().list(userKey, applicationName)`	Get audit events
Application names: `login`, `admin`, `drive`, `token`, `mobile`

Key User Fields for Security

Field	Description
`isEnrolledIn2Sv`	User enrolled in 2-Step Verification
`isEnforcedIn2Sv`	2SV enforcement applied
`isAdmin`	Super admin status
`isDelegatedAdmin`	Delegated admin status
`lastLoginTime`	Last login timestamp
`recoveryEmail`	Recovery email (risk if external)
`recoveryPhone`	Recovery phone number
`isSuspended`	Account suspended

OAuth Scopes Required

admin.directory.user -- User management
admin.directory.domain -- Domain settings
admin.reports.audit.readonly -- Audit log access
admin.directory.orgunit -- Org unit management

login_success -- Successful login
login_failure -- Failed login attempt
login_challenge -- 2FA challenge issued
suspicious_login -- Flagged by Google
account_disabled_password_leak -- Compromised password

External References

Admin SDK: https://developers.google.com/admin-sdk
Workspace Security Best Practices: https://support.google.com/a/answer/7587183
CIS Google Workspace Benchmark: https://www.cisecurity.org/benchmark/google_workspace
Reports API: https://developers.google.com/admin-sdk/reports/reference/rest

2.2 KiB Raw Blame History

API Reference: Implementing Google Workspace Admin Security

Libraries

google-api-python-client + google-auth

Admin SDK Directory API

Reports API (Audit Logs)

Key User Fields for Security

OAuth Scopes Required

Login Event Names

External References

2.2 KiB

Raw Blame History