mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 05:34:55 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
1.5 KiB
1.5 KiB
API Reference: GitLab CI DevSecOps Pipeline
GitLab Security Templates
| Template | Stage |
|---|---|
Security/SAST.gitlab-ci.yml |
Static analysis |
Security/DAST.gitlab-ci.yml |
Dynamic testing |
Security/Dependency-Scanning.gitlab-ci.yml |
Dependency audit |
Security/Container-Scanning.gitlab-ci.yml |
Container scan |
Security/Secret-Detection.gitlab-ci.yml |
Secret detection |
Security/IaC-Scanning.gitlab-ci.yml |
IaC security |
.gitlab-ci.yml Structure
include:
- template: Security/SAST.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
stages:
- build
- test
- security
- deploy
variables:
SECURE_LOG_LEVEL: info
GitLab CI Lint API
POST /api/v4/projects/:id/ci/lint
PRIVATE-TOKEN: your-token
Body: {"content": "yaml-string"}
Security Variables
| Variable | Description |
|---|---|
SAST_DEFAULT_ANALYZERS |
Comma-separated analyzer list |
SAST_EXCLUDED_ANALYZERS |
Analyzers to skip |
CS_IMAGE |
Container image to scan |
DAST_WEBSITE |
Target URL for DAST |
SECRET_DETECTION_HISTORIC_SCAN |
Scan full history |
Vulnerability Report API
GET /api/v4/projects/:id/vulnerability_findings
Security Scanning Tools
| Tool | Type | Language |
|---|---|---|
| Semgrep | SAST | Multi-language |
| Bandit | SAST | Python |
| Trivy | Container | Container images |
| Gitleaks | Secret | Git history |
| KICS | IaC | Terraform/CloudFormation |
| ZAP | DAST | Web applications |