GitHub Trending

利用AI大模型，一键生成高清短视频 Generate short videos with one click using AI LLM.

Graphs that teach > graphs that impress. Turn any code into an interactive knowledge graph you can explore, search, and ask questions about. Works with Claude Code, Codex, Cursor, Copilot, Gemini CLI, and more.

Knowledge Work Plugins Plugins that turn Claude into a specialist for your role, team, and company. Built for Claude Cowork, also compatible with Claude Code. Why Plugins Cowork lets you set the goal and Claude delivers finished, professional work. Plugins let you go further: tell Claude how you like work done, which tools and data to pull from, how to handle critical workflows, and what slash commands to expose — so your team gets better and more consistent outcomes. Each plugin bundles the skills, connectors, slash commands, and sub-agents for a specific job function. Out of the box, they give Claude a strong starting point for helping anyone in that role. The real power comes when you customize them for your company — your tools, your terminology, your processes — so Claude works like it was built for your team. Plugin Marketplace We're open-sourcing 11 plugins built and inspired by our own work: | Plugin | How it helps | Connectors | |--------|-------------|------------| | productivity | Manage tasks, calendars, daily workflows, and personal context so you spend less time repeating yourself. | Slack, Notion, Asana, Linear, Jira, Monday, ClickUp, Microsoft 365 | | sales | Research prospects, prep for calls, review your pipeline, draft outreach, and build competitive battlecards. | Slack, HubSpot, Close, Clay, ZoomInfo, Notion, Jira, Fireflies, Microsoft 365 | | customer-support | Triage tickets, draft responses, package escalations, research customer context, and turn resolved issues into knowledge base articles. | Slack, Intercom, HubSpot, Guru, Jira, Notion, Microsoft 365 | | product-management | Write specs, plan roadmaps, synthesize user research, keep stakeholders updated, and track the competitive landscape. | Slack, Linear, Asana, Monday, ClickUp, Jira, Notion, Figma, Amplitude, Pendo, Intercom, Fireflies | | marketing | Draft content, plan campaigns, enforce brand voice, brief on competitors, and report on performance across channels. | Slack, Canva, Figma, HubSpot, Amplitude, Notion, Ahrefs, SimilarWeb, Klaviyo | | legal | Review contracts, triage NDAs, navigate compliance, assess risk, prep for meetings, and draft templated responses. | Slack, Box, Egnyte, Jira, Microsoft 365 | | finance | Prep journal entries, reconcile accounts, generate financial statements, analyze variances, manage close, and support audits. | Snowflake, Databricks, BigQuery, Slack, Microsoft 365 | | data | Query, visualize, and interpret datasets — write SQL, run statistical analysis, build dashboards, and validate your work before sharing. | Snowflake, Databricks, BigQuery, Definite, Hex, Amplitude, Jira | | enterprise-search | Find anything across email, chat, docs, and wikis — one query across all your company's tools. | Slack, Notion, Guru, Jira, Asana, Microsoft 365 | | bio-research | Connect to preclinical research tools and databases (literature search, genomics analysis, target prioritization) to accelerate early-stage life sciences R&D. | PubMed, BioRender, bioRxiv, ClinicalTrials.gov, ChEMBL, Synapse, Wiley, Owkin, Open Targets, Benchling | | cowork-plugin-management | Create new plugins or customize existing ones for your organization's specific tools and workflows. | — | Install these directly from Cowork, browse the full collection here on GitHub, or build your own. Getting Started Cowork Install plugins from claude.com/plugins. Claude Code Add the marketplace first claude plugin marketplace add anthropics/knowledge-work-plugins Then install a specific plugin claude plugin install sales@knowledge-work-plugins Once installed, plugins activate automatically. Skills fire when relevant, and slash commands are available in your session (e.g., /sales:call-prep, /data:write-query). How Plugins Work Every plugin follows the same structure: plugin-name/ ├── .claude-plugin/plugin.json # Manifest ├── .mcp.json # Tool connections ├── commands/ # Slash commands you invoke explicitly └── skills/ # Domain knowledge Claude draws on automatically Skills encode the domain expertise, best practices, and step-by-step workflows Claude needs to give you useful help. Claude draws on them automatically when relevant. Commands are explicit actions you trigger (e.g., /finance:reconciliation, /product-management:write-spec). Connectors wire Claude to the external tools your role depends on — CRMs, project trackers, data warehouses, design tools, and more — via MCP servers. Every component is file-based — markdown and JSON, no code, no infrastructure, no build steps. Making Them Yours These plugins are generic starting points. They become much more useful when you customize them for how your company actually works: Swap connectors — Edit .mcp.json to point at your specific tool stack. Add company context — Drop your terminology, org structure, and processes into skill files so Claude understands your world. Adjust workflows — Modify skill instructions to match how your team actually does things, not how a textbook says to. Build new plugins — Use the cowork-plugin-management plugin or follow the structure above to create plugins for roles and workflows we haven't covered yet. As your team builds and shares plugins, Claude becomes a cross-functional expert. The context you define gets baked into every relevant interaction, so leaders and admins can spend less time enforcing processes and more time improving them. Contributing Plugins are just markdown files. Fork the repo, make your changes, and submit a PR.

Learn it. Build it. Ship it for others.

Stop Slop A skill for removing AI tells from prose. What this is AI writing has patterns. Predictable phrases, structures, rhythms. This skill teaches Claude (or any LLM) to catch and remove them. Skill Structure stop-slop/ ├── SKILL.md # Core instructions ├── references/ │ ├── phrases.md # Phrases to remove │ ├── structures.md # Structural patterns to avoid │ └── examples.md # Before/after transformations ├── README.md └── LICENSE Quick start Claude Code: Add this folder as a skill. Claude Projects: Upload SKILL.md and reference files to project knowledge. Custom instructions: Copy core rules from SKILL.md. API calls: Include SKILL.md in your system prompt. Reference files load on demand. What it catches Banned phrases - Throat-clearing openers, emphasis crutches, business jargon, all adverbs, vague declaratives, meta-commentary. See references/phrases.md. Structural clichés - Binary contrasts, negative listings, dramatic fragmentation, rhetorical setups, false agency, narrator-from-a-distance voice, passive voice. See references/structures.md. Sentence-level rules - No Wh- sentence starters, no em dashes, no staccato fragmentation, no lazy extremes, active voice required. Scoring Rate 1-10 on each dimension: | Dimension | Question | |-----------|----------| | Directness | Statements or announcements? | | Rhythm | Varied or metronomic? | | Trust | Respects reader intelligence? | | Authenticity | Sounds human? | | Density | Anything cuttable? | Below 35/50: revise. Author Hardik Pandya License MIT. Use freely, share widely.

Python tool for converting files and office documents to Markdown.

Taste Skill The Anti-Slop Frontend Framework for AI Agents Portable Agent Skills that upgrade AI-built interfaces: stronger layout, typography, motion, and spacing instead of boilerplate-looking UIs. This repo also includes image-generation skills for reference boards (web, mobile, brand kits). Pair them with ChatGPT Images or similar generators, then hand the frames to Codex, Cursor, or Claude Code for implementation. Disclaimer Taste Skill has no official token, coin, or crypto project. Any token using my name, image, or project is unaffiliated and not endorsed by me. Disclaimer · Install · Skills · Settings · Examples · Sponsor · Research · FAQ · License Feedback & Contributions We would love your feedback. Suggestions and bug reports: Open a Pull Request or Issue on GitHub DM @lexnlin or @blueemi99 Email us at hello@tasteskill.dev Installing The npx skills add CLI scans the skills/ folder in this repo, so all skills below (code and image-generation) install the same way. npx skills add https://github.com/Leonxlnx/taste-skill Install a single skill by its install name (the name: field inside the SKILL frontmatter, not the folder name): npx skills add https://github.com/Leonxlnx/taste-skill --skill "design-taste-frontend" You can also copy any SKILL.md into your project or paste it into ChatGPT / Codex conversations. Updating from the previous version The default taste-skill (install name design-taste-frontend) is now v2 (experimental), a substantial rewrite of the original v1. If you already have v1 installed, just re-run the install command and you will be upgraded: npx skills add https://github.com/Leonxlnx/taste-skill --skill "design-taste-frontend" The install name did not change, so no script updates are needed. The newer SKILL.md replaces the older one in place. If you depend on the exact behavior of v1 and want to pin to it explicitly: npx skills add https://github.com/Leonxlnx/taste-skill --skill "design-taste-frontend-v1" See CHANGELOG.md for the full v1 to v2 diff and the rationale. Skills Each skill does one job; you do not need all of them at once. Implementation skills output code. Image-generation skills output reference images only. The Install name column is the exact value you pass to --skill. | Skill (folder) | Install name | Description | | --- | --- | --- | | taste-skill | design-taste-frontend | 🆕 v2 (experimental) - substantial rewrite of the default skill. Reads the brief, infers the design language, tunes three dials (VARIANCE / MOTION / DENSITY). Brief inference, design-system map, hard em-dash ban, canonical GSAP code skeletons, redesign-audit protocol, strict pre-flight check. Actively iterating toward v2.0.0 stable. | | taste-skill-v1 | design-taste-frontend-v1 | The original v1 of taste-skill, preserved for projects depending on its exact behavior. Use only if the v2 default breaks something specific in your workflow. | | gpt-tasteskill | gpt-taste | Stricter variant for GPT/Codex: higher layout variance, stronger GSAP direction, aggressive anti-slop. | | image-to-code-skill | image-to-code | Image-first pipeline: generate site references, analyze them, then implement the frontend to match. | | redesign-skill | redesign-existing-projects | Existing projects: audit the UI first, then fix layout, spacing, hierarchy, styling. | | soft-skill | high-end-visual-design | Polished, calm, expensive UI with softer contrast, whitespace, premium fonts, spring motion. | | output-skill | full-output-enforcement | When the model ships half-finished work: full output, no placeholder comments. | | minimalist-skill | minimalist-ui | Editorial product UI (Notion/Linear vibes), restrained palette, crisp structure. | | brutalist-skill | industrial-brutalist-ui | Hard mechanical language: Swiss type, sharp contrast, experimental layout. | | stitch-skill | stitch-design-taste | Google Stitch-compatible rules, including optional DESIGN.md export format. | Image generation skills These produce design images only (no code). Use with ChatGPT Images, Codex image mode, or any agent that generates images. | Skill (folder) | Install name | Description | | --- | --- | --- | | imagegen-frontend-web | imagegen-frontend-web | Website comps: hero, landing, multi-section with strong typography, spacing, anti-slop art direction. | | imagegen-frontend-mobile | imagegen-frontend-mobile | Mobile screens and flows: iOS/Android/cross-platform, mockups, readable type, coherent sets. | | brandkit | brandkit | Brand-kit boards: logo directions, palettes, type, identity applications across categories. | Which one should I use? Start with taste-skill for the safest general default. (Now v2 experimental - see what changed in the CHANGELOG.) If you depend on the exact behavior of the original taste-skill, install taste-skill-v1 instead. Use gpt-taste when you want the stricter GPT/Codex-oriented rules and motion/layout enforcement. Use image-to-code-skill for image → analyze → code website workflows. Use redesign-skill to improve an existing codebase instead of greenfield styling. Add soft-skill, minimalist-skill, or brutalist-skill when the visual direction is already chosen. Add output-skill if the agent keeps truncating output. Use imagegen-frontend-web, imagegen-frontend-mobile, or brandkit when the deliverable is images (comps, flows, identity boards), then pass results to your coding agent. Image-first tip For image-to-code-skill, state the pipeline in the prompt, e.g.: follow the skill: generate images, then analyze, then code. ChatGPT Images and Codex Attach or paste imagegen-frontend-web, imagegen-frontend-mobile, or brandkit and ask for the frames you need, then feed the renders to Codex, Cursor, or Claude Code. Use image-to-code-skill when you want one workflow that both generates references and implements the site in code. Settings (taste-skill only) Numbers at the top of the file are 1-10 dials: DESIGN_VARIANCE: Layout experimentation (lower: centered/clean · higher: asymmetric/modern). MOTION_INTENSITY: Animation depth (lower: hover · higher: scroll/magnetic). VISUAL_DENSITY: Information per viewport (lower: spacious · higher: dense dashboards). Examples Created with taste-skill: Support the project If Taste Skill helps you, consider sponsoring: Sponsor on GitHub Current Sponsors Research Background writing that shaped these skills lives in research/. Common Questions How is this different from other AI design skills? Multiple specialized variants, adjustable dials in key skills, anti-repetition rules informed by dedicated research. All are framework agnostic across major coding agents. Does it work with React, Vue, Svelte? Yes. Rules target design intent, not a single framework API. What is SKILL.md? A portable instruction file agents can load automatically; install via npx skills add or by copying into a repo or conversation. Do image-generation skills install with npx skills add? Yes. They live under skills/ alongside the code skills so the same CLI discovers them. License MIT License · Copyright (c) 2026 Leonxlnx

Pre-indexed code knowledge graph for Claude Code, Codex, Gemini, Cursor, OpenCode, AntiGravity, Kiro, and Hermes Agent — fewer tokens, fewer tool calls, 100% local

Anthropic Cybersecurity Skills The largest open-source cybersecurity skills library for AI agents GARS-2026 Survey License Skills Frameworks Domains Platforms GitHub stars GitHub forks Last Commit agentskills.io PRs Welcome Playground Hermes Agent 754 production-grade cybersecurity skills · 26 security domains · 5 framework mappings · 26+ AI platforms Get Started · What's Inside · Frameworks · Platforms · Contributing ⚠️ Community Project — This is an independent, community-created project. Not affiliated with Anthropic PBC. Give any AI agent the security skills of a senior analyst A junior analyst knows which Volatility3 plugin to run on a suspicious memory dump, which Sigma rules catch Kerberoasting, and how to scope a cloud breach across three providers. Your AI agent doesn't — unless you give it these skills. This repo contains 754 structured cybersecurity skills spanning 26 security domains, each following the agentskills.io open standard. Every skill is mapped to five industry frameworks — MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF — making this the only open-source skills library with unified cross-framework coverage. Clone it, point your agent at it, and your next security investigation gets expert-level guidance in seconds. Five frameworks, one skill library No other open-source skills library maps every skill to all five frameworks. One skill, five compliance checkboxes. | Framework | Version | Scope in this repo | What it maps | |---|---|---|---| | MITRE ATT&CK | v18 | 14 tactics · 200+ techniques | Adversary behaviors and TTPs | | NIST CSF 2.0 | 2.0 | 6 functions · 22 categories | Organizational security posture | | MITRE ATLAS | v5.4 | 16 tactics · 84 techniques | AI/ML adversarial threats | | MITRE D3FEND | v1.3 | 7 categories · 267 techniques | Defensive countermeasures | | NIST AI RMF | 1.0 | 4 functions · 72 subcategories | AI risk management | Example — a single skill maps across all five: | Skill | ATT&CK | NIST CSF | ATLAS | D3FEND | AI RMF | |---|---|---|---|---|---| | analyzing-network-traffic-of-malware | T1071 | DE.CM | AML.T0047 | D3-NTA | MEASURE-2.6 | Quick start Option 1: npx (recommended) npx skills add mukul975/Anthropic-Cybersecurity-Skills Option 2: Git clone git clone https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git cd Anthropic-Cybersecurity-Skills Works immediately with Claude Code, GitHub Copilot, OpenAI Codex CLI, Cursor, Gemini CLI, and any agentskills.io-compatible platform. 🌍 GARS-2026 — Global Agentic AI Readiness Survey I'm running a global academic study measuring how ready security professionals, developers, and enterprise teams actually are for agentic AI — MCP servers, tool calling, governance, and human-in-the-loop workflows. If you use this repo, your response would be a genuinely valuable data point. 📋 Take the survey (10 min): Survey Link 60 questions · Anonymous · Supervised by SRH Berlin You get 50 Casky Tokens for early access to casky.ai Results published open access under CC-BY 4.0 🚀 Try it on the Playground Experience Casky.ai hands-on — no setup required. → Launch Playground on Casky.ai The playground lets you: Run live cybersecurity skill exercises against real targets See AI agents execute structured skills in real time Explore MITRE ATT&CK mapped workflows interactively Test threat hunting, DFIR, and penetration testing scenarios No installation. No configuration. Just open and start. Why this exists The cybersecurity workforce gap hit 4.8 million unfilled roles globally in 2024 (ISC2). AI agents can help close that gap — but only if they have structured domain knowledge to work from. Today's agents can write code and search the web, but they lack the practitioner playbooks that turn a generic LLM into a capable security analyst. Existing security tool repos give you wordlists, payloads, or exploit code. None of them give an AI agent the structured decision-making workflow a senior analyst follows: when to use each technique, what prerequisites to check, how to execute step-by-step, and how to verify results. That is the gap this project fills. Anthropic Cybersecurity Skills is not a collection of scripts or checklists. It is an AI-native knowledge base built from the ground up for the agentskills.io standard — YAML frontmatter for sub-second discovery, structured Markdown for step-by-step execution, and reference files for deep technical context. Every skill encodes real practitioner workflows, not generated summaries. What's inside — 26 security domains | Domain | Skills | Key capabilities | |---|---|---| | Cloud Security | 60 | AWS, Azure, GCP hardening · CSPM · cloud forensics | | Threat Hunting | 55 | Hypothesis-driven hunts · LOTL detection · behavioral analytics | | Threat Intelligence | 50 | STIX/TAXII · MISP · feed integration · actor profiling | | Web Application Security | 42 | OWASP Top 10 · SQLi · XSS · SSRF · deserialization | | Network Security | 40 | IDS/IPS · firewall rules · VLAN segmentation · traffic analysis | | Malware Analysis | 39 | Static/dynamic analysis · reverse engineering · sandboxing | | Digital Forensics | 37 | Disk imaging · memory forensics · timeline reconstruction | | Security Operations | 36 | SIEM correlation · log analysis · alert triage | | Identity & Access Management | 35 | IAM policies · PAM · zero trust identity · Okta · SailPoint | | SOC Operations | 33 | Playbooks · escalation workflows · metrics · tabletop exercises | | Container Security | 30 | K8s RBAC · image scanning · Falco · container forensics | | OT/ICS Security | 28 | Modbus · DNP3 · IEC 62443 · historian defense · SCADA | | API Security | 28 | GraphQL · REST · OWASP API Top 10 · WAF bypass | | Vulnerability Management | 25 | Nessus · scanning workflows · patch prioritization · CVSS | | Incident Response | 25 | Breach containment · ransomware response · IR playbooks | | Red Teaming | 24 | Full-scope engagements · AD attacks · phishing simulation | | Penetration Testing | 23 | Network · web · cloud · mobile · wireless pentesting | | Endpoint Security | 17 | EDR · LOTL detection · fileless malware · persistence hunting | | DevSecOps | 17 | CI/CD security · code signing · Terraform auditing | | Phishing Defense | 16 | Email authentication · BEC detection · phishing IR | | Cryptography | 14 | TLS · Ed25519 · certificate transparency · key management | | Zero Trust Architecture | 13 | BeyondCorp · CISA maturity model · microsegmentation | | Mobile Security | 12 | Android/iOS analysis · mobile pentesting · MDM forensics | | Ransomware Defense | 7 | Precursor detection · response · recovery · encryption analysis | | Compliance & Governance | 5 | CIS benchmarks · SOC 2 · regulatory frameworks | | Deception Technology | 2 | Honeytokens · breach detection canaries | How AI agents use these skills Each skill costs ~30 tokens to scan (frontmatter only) and 500–2,000 tokens to fully load (complete workflow). This progressive disclosure architecture lets agents search all 754 skills in a single pass without blowing context windows. User prompt: "Analyze this memory dump for signs of credential theft" Agent's internal process: Scans 754 skill frontmatters (~30 tokens each) → identifies 12 relevant skills by matching tags, description, domain Loads top 3 matches: • performing-memory-forensics-with-volatility3 • hunting-for-credential-dumping-lsass • analyzing-windows-event-logs-for-credential-access Executes the structured Workflow section step-by-step → runs Volatility3 plugins, checks LSASS access patterns, correlates with event log evidence Validates results using the Verification section → confirms IOCs, maps findings to ATT&CK T1003 (Credential Dumping) Without these skills, the agent guesses at tool commands and misses critical steps. With them, it follows the same playbook a senior DFIR analyst would use. Skill anatomy Every skill follows a consistent directory structure: skills/performing-memory-forensics-with-volatility3/ ├── SKILL.md ← Skill definition (YAML frontmatter + Markdown body) ├── references/ │ ├── standards.md ← MITRE ATT&CK, ATLAS, D3FEND, NIST mappings │ └── workflows.md ← Deep technical procedure reference ├── scripts/ │ └── process.py ← Working helper scripts └── assets/ └── template.md ← Filled-in checklists and report templates YAML frontmatter (real example) name: performing-memory-forensics-with-volatility3 description: >- Analyze memory dumps to extract running processes, network connections, injected code, and malware artifacts using the Volatility3 framework. domain: cybersecurity subdomain: digital-forensics tags: forensics, memory-analysis, volatility3, incident-response, dfir] atlas_techniques: [AML.T0047] d3fend_techniques: [D3-MA, D3-PSMD] nist_ai_rmf: [MEASURE-2.6] nist_csf: [DE.CM-01, RS.AN-03] version: "1.2" author: mukul975 license: Apache-2.0 Markdown body sections When to Use Trigger conditions — when should an AI agent activate this skill? Prerequisites Required tools, access levels, and environment setup. Workflow Step-by-step execution guide with specific commands and decision points. Verification How to confirm the skill was executed successfully. Frontmatter fields: name (kebab-case, 1–64 chars), description (keyword-rich for agent discovery), domain, subdomain, tags, atlas_techniques (MITRE ATLAS IDs), d3fend_techniques (MITRE D3FEND IDs), nist_ai_rmf (NIST AI RMF references), nist_csf (NIST CSF 2.0 categories). MITRE ATT&CK technique mappings are documented in each skill's references/standards.md file and in the ATT&CK Navigator layer included with releases. 📊 MITRE ATT&CK Enterprise coverage — all 14 tactics | Tactic | ID | Coverage | Key skills | |---|---|---|---| | Reconnaissance | TA0043 | Strong | OSINT, subdomain enumeration, DNS recon | | Resource Development | TA0042 | Moderate | Phishing infrastructure, C2 setup detection | | Initial Access | TA0001 | Strong | Phishing simulation, exploit detection, forced browsing | | Execution | TA0002 | Strong | PowerShell analysis, fileless malware, script block logging | | Persistence | TA0003 | Strong | Scheduled tasks, registry, service accounts, LOTL | | Privilege Escalation | TA0004 | Strong | Kerberoasting, AD attacks, cloud privilege escalation | | Defense Evasion | TA0005 | Strong | Obfuscation, rootkit analysis, evasion detection | | Credential Access | TA0006 | Strong | Mimikatz detection, pass-the-hash, credential dumping | | Discovery | TA0007 | Moderate | BloodHound, AD enumeration, network scanning | | Lateral Movement | TA0008 | Strong | SMB exploits, lateral movement detection with Splunk | | Collection | TA0009 | Moderate | Email forensics, data staging detection | | Command and Control | TA0011 | Strong | C2 beaconing, DNS tunneling, Cobalt Strike analysis | | Exfiltration | TA0010 | Strong | DNS exfiltration, DLP controls, data loss detection | | Impact | TA0040 | Strong | Ransomware defense, encryption analysis, recovery | An ATT&CK Navigator layer file is included in the [v1.0.0 release assets for visual coverage mapping. Note: ATT&CK v19 lands April 28, 2026 — splitting Defense Evasion (TA0005) into two new tactics: Stealth and Impair Defenses. Skill mappings will be updated in a forthcoming release. 📊 NIST CSF 2.0 alignment — all 6 functions | Function | Skills | Examples | |---|---|---| | Govern (GV) | 30+ | Risk strategy, policy frameworks, roles & responsibilities | | Identify (ID) | 120+ | Asset discovery, threat landscape assessment, risk analysis | | Protect (PR) | 150+ | IAM hardening, WAF rules, zero trust, encryption | | Detect (DE) | 200+ | Threat hunting, SIEM correlation, anomaly detection | | Respond (RS) | 160+ | Incident response, forensics, breach containment | | Recover (RC) | 40+ | Ransomware recovery, BCP, disaster recovery | NIST CSF 2.0 (February 2024) added the Govern function and expanded scope from critical infrastructure to all organizations. Skill mappings align to all 22 categories and reference 106 subcategories. 📊 Framework deep dive — ATLAS, D3FEND, AI RMF MITRE ATLAS v5.4 — AI/ML adversarial threats ATLAS maps adversarial tactics, techniques, and case studies specific to AI and machine learning systems. Version 5.4 covers 16 tactics and 84 techniques including agentic AI attack vectors added in late 2025: AI agent context poisoning, tool invocation abuse, MCP server compromises, and malicious agent deployment. Skills mapped to ATLAS help agents identify and defend against threats to ML pipelines, model weights, inference APIs, and autonomous workflows. MITRE D3FEND v1.3 — Defensive countermeasures D3FEND is an NSA-funded knowledge graph of 267 defensive techniques organized across 7 tactical categories: Model, Harden, Detect, Isolate, Deceive, Evict, and Restore. Built on OWL 2 ontology, it uses a shared Digital Artifact layer to bidirectionally map defensive countermeasures to ATT&CK offensive techniques. Skills tagged with D3FEND identifiers let agents recommend specific countermeasures for detected threats. NIST AI RMF 1.0 + GenAI Profile (AI 600-1) The AI Risk Management Framework defines 4 core functions — Govern, Map, Measure, Manage — with 72 subcategories for trustworthy AI development. The GenAI Profile (AI 600-1, July 2024) adds 12 risk categories specific to generative AI, from confabulation and data privacy to prompt injection and supply chain risks. Colorado's AI Act (effective February 2026) provides a legal safe harbor for organizations complying with NIST AI RMF, making these mappings directly relevant to regulatory compliance. Compatible platforms AI code assistants Claude Code (Anthropic) · GitHub Copilot (Microsoft) · Cursor · Windsurf · Cline · Aider · Continue · Roo Code · Amazon Q Developer · Tabnine · Sourcegraph Cody · JetBrains AI CLI agents OpenAI Codex CLI · Gemini CLI (Google) Autonomous agents Devin · Replit Agent · SWE-agent · OpenHands Agent frameworks & SDKs LangChain · CrewAI · AutoGen · Semantic Kernel · Haystack · Vercel AI SDK · Any MCP-compatible agent All platforms that support the agentskills.io standard can load these skills with zero configuration. What people are saying "A database of real, organized security skills that any AI agent can plug into and use. Not tutorials. Not blog posts." — Hasan Toor (@hasantoxr), AI/tech creator "This is not a random collection of security scripts. It's a structured operational knowledge base designed for AI-driven security workflows." — fazal-sec, Medium Featured in | Where | Type | Link | |---|---|---| | awesome-agent-skills | Awesome List (1,000+ skills index) | VoltAgent/awesome-agent-skills | | awesome-ai-security | Awesome List (AI security tools) | ottosulin/awesome-ai-security | | awesome-codex-cli | Awesome List (Codex CLI resources) | RoggeOhta/awesome-codex-cli | | SkillsLLM | Skills directory & marketplace | skillsllm.com/skill/anthropic-cybersecurity-skills | | Openflows | Signal analysis & tracking | openflows.org | | NeverSight skills_feed | Automated skills index | NeverSight/skills_feed | Star history Releases | Version | Date | Highlights | |---|---|---| | v1.0.0 | March 11, 2026 | 734 skills · 26 domains · MITRE ATT&CK + NIST CSF 2.0 mapping · ATT&CK Navigator layer | Skills have continued to grow on main since v1.0.0 — the library now contains 754 skills with 5-framework mapping (MITRE ATLAS, D3FEND, and NIST AI RMF added post-release). Check Releases for the latest tagged version. Contributing This project grows through community contributions. Here is how to get involved: Add a new skill — Domains like Deception Technology (2 skills) and Compliance & Governance (5 skills) need the most help. Follow the template in CONTRIBUTING.md and submit a PR with the title Add skill: your-skill-name. Improve existing skills — Add framework mappings, fix workflows, update tool references, or contribute scripts and templates. Report issues — Found an inaccurate procedure or broken script? Open an issue. Every PR is reviewed for technical accuracy and agentskills.io standard compliance within 48 hours. Check good first issues for a starting point. This project follows the Contributor Covenant. By participating, you agree to uphold this code. Community 💬 Discussions — Questions, ideas, and roadmap conversations 🐛 Issues — Bug reports and feature requests 🔒 Security Policy — Responsible disclosure process (48-hour acknowledgment) Citation If you use this project in research or publications: @software{anthropic_cybersecurity_skills, author = {Jangra, Mahipal}, title = {Anthropic Cybersecurity Skills}, year = {2026}, url = {https://github.com/mukul975/Anthropic-Cybersecurity-Skills}, license = {Apache-2.0}, note = {754 structured cybersecurity skills for AI agents, mapped to MITRE ATT\&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF} } License This project is licensed under the Apache License 2.0. You are free to use, modify, and distribute these skills in both personal and commercial projects. If this project helps your security work, consider giving it a ⭐ ⭐ Star · 🍴 Fork · 💬 Discuss · 📝 Contribute Community project by @mukul975. Not affiliated with Anthropic PBC.

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.