generating-security-audit-reports
Generate comprehensive security audit reports for applications and systems. Use when you need to assess security posture, identify vulnerabilities, evaluate compliance status, or create formal security documentation. Trigger with phrases like "create security audit report", "generate security assessment", "audit security posture", or "PCI-DSS compliance report".
Installation
Details
Usage
After installing, this skill will be available to your AI coding assistant.
Verify installation:
skills listSkill Instructions
name: generating-security-audit-reports description: | Generate comprehensive security audit reports for applications and systems. Use when you need to assess security posture, identify vulnerabilities, evaluate compliance status, or create formal security documentation. Trigger with phrases like "create security audit report", "generate security assessment", "audit security posture", or "PCI-DSS compliance report".
allowed-tools: Read, Write, Edit, Grep, Glob, Bash(security-scan:), Bash(report-gen:) version: 1.0.0 author: Jeremy Longshore jeremy@intentsolutions.io license: MIT
Generating Security Audit Reports
Overview
This skill provides automated assistance for the described functionality.
Prerequisites
Before using this skill, ensure:
- Security scan data or logs are available in {baseDir}/security/
- Access to application configuration files
- Security tool outputs (e.g., vulnerability scanners, SAST/DAST results)
- Compliance framework documentation (if applicable)
- Write permissions for generating report files
Instructions
- Collect available security signals (scanner outputs, configs, logs).
- Analyze findings and map to risk + compliance requirements.
- Generate a report with prioritized remediation guidance.
- Format outputs (Markdown/HTML/PDF) and include evidence links.
See {baseDir}/references/implementation.md for detailed implementation guide.
Output
The skill produces:
Primary Output: Comprehensive security audit report saved to {baseDir}/reports/security-audit-YYYYMMDD.md
Report Structure:
# Security Audit Report - [System Name]
## Error Handling
See `{baseDir}/references/errors.md` for comprehensive error handling.
## Examples
See `{baseDir}/references/examples.md` for detailed examples.
## Resources
- OWASP Top 10: https://owasp.org/www-project-top-ten/
- CWE Top 25: https://cwe.mitre.org/top25/
- NIST Cybersecurity Framework: https://www.nist.gov/cyberframework
- PCI-DSS Requirements: https://www.pcisecuritystandards.org/
- GDPR Compliance Checklist: https://gdpr.eu/checklist/
More by jeremylongshore
View allRabbitmq Queue Setup - Auto-activating skill for Backend Development. Triggers on: rabbitmq queue setup, rabbitmq queue setup Part of the Backend Development skill category.
evaluating-machine-learning-models: This skill allows Claude to evaluate machine learning models using a comprehensive suite of metrics. It should be used when the user requests model performance analysis, validation, or testing. Claude can use this skill to assess model accuracy, precision, recall, F1-score, and other relevant metrics. Trigger this skill when the user mentions "evaluate model", "model performance", "testing metrics", "validation results", or requests a comprehensive "model evaluation".
building-neural-networks: This skill allows Claude to construct and configure neural network architectures using the neural-network-builder plugin. It should be used when the user requests the creation of a new neural network, modification of an existing one, or assistance with defining the layers, parameters, and training process. The skill is triggered by requests involving terms like "build a neural network," "define network architecture," "configure layers," or specific mentions of neural network types (e.g., "CNN," "RNN," "transformer").
Oauth Callback Handler - Auto-activating skill for API Integration. Triggers on: oauth callback handler, oauth callback handler Part of the API Integration skill category.