mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 05:34:55 +03:00
mukul975
c47eed6a64
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
62 lines
2.6 KiB
Python
62 lines
2.6 KiB
Python
#!/usr/bin/env python3
|
|
"""Patch management workflow automation."""
|
|
import argparse, json
|
|
from datetime import datetime, timezone
|
|
try:
|
|
import requests
|
|
except ImportError:
|
|
requests = None
|
|
|
|
def audit_config(target, token):
|
|
findings = []
|
|
if not requests: return [{"error": "requests required"}]
|
|
headers = {"Authorization": f"Bearer {token}"}
|
|
try:
|
|
resp = requests.get(f"{target}/api/v1/status", headers=headers, timeout=10)
|
|
if resp.status_code == 200:
|
|
data = resp.json()
|
|
if not data.get("enabled", True):
|
|
findings.append({"check": "Service Status", "status": "DISABLED", "severity": "CRITICAL"})
|
|
elif resp.status_code == 401:
|
|
findings.append({"check": "Authentication", "status": "UNAUTHORIZED", "severity": "HIGH"})
|
|
except requests.RequestException as e:
|
|
findings.append({"error": str(e)})
|
|
return findings
|
|
|
|
def check_compliance(target, token):
|
|
findings = []
|
|
if not requests: return []
|
|
headers = {"Authorization": f"Bearer {token}"}
|
|
try:
|
|
resp = requests.get(f"{target}/api/v1/compliance", headers=headers, timeout=10)
|
|
if resp.status_code == 200:
|
|
for item in resp.json().get("checks", []):
|
|
if item.get("status") != "PASS":
|
|
findings.append({"check": item.get("name"), "status": item.get("status"),
|
|
"severity": item.get("severity", "MEDIUM")})
|
|
except requests.RequestException:
|
|
pass
|
|
return findings
|
|
|
|
def main():
|
|
p = argparse.ArgumentParser(description="Patch management workflow automation")
|
|
p.add_argument("--target", required=True, help="Target URL")
|
|
p.add_argument("--token", required=True, help="API token")
|
|
p.add_argument("--output", "-o", help="Output JSON report")
|
|
p.add_argument("--verbose", "-v", action="store_true")
|
|
a = p.parse_args()
|
|
print("[*] Patch management workflow automation")
|
|
report = {"timestamp": datetime.now(timezone.utc).isoformat(), "findings": []}
|
|
report["findings"].extend(audit_config(a.target, a.token))
|
|
report["findings"].extend(check_compliance(a.target, a.token))
|
|
high = sum(1 for f in report["findings"] if f.get("severity") in ("HIGH", "CRITICAL"))
|
|
report["risk_level"] = "HIGH" if high else "MEDIUM" if report["findings"] else "LOW"
|
|
print(f"[*] {len(report['findings'])} findings, risk: {report['risk_level']}")
|
|
if a.output:
|
|
with open(a.output, "w") as f: json.dump(report, f, indent=2)
|
|
else:
|
|
print(json.dumps(report, indent=2))
|
|
|
|
if __name__ == "__main__":
|
|
main()
|