vibed-lab / agents

briiirussell/cybersecurity-skills

219 stars · Last commit 2026-05-27

Cybersecurity skills for AI coding agents (Claude Code, Cursor, Codex)

Code ReviewTestingDebuggingDocumentationDevOps & InfraSecurityFrontendBackendData & ML

README preview

# Cybersecurity Skills for AI Agents

A collection of cybersecurity skills for AI coding agents. The AI does the heavy lifting; you bring the context about your stack and your priorities.

**Built to be useful at every experience level:**

- **Security engineers and pentesters** running formal audits — concrete grep patterns, OWASP / NIST / ATT&CK alignment, report templates that pass auditor review
- **Developers** shipping safer code without a dedicated security team to lean on — security work that fits into a normal sprint, plain-English explanations of why each finding matters
- **Founders, ops folks, and small-team operators** securing a stack they can't afford a CISO for — guided, opinionated playbooks for the most common security work, with the audit skill explaining what it found and why
- **Red / blue / purple teams** running real engagements — offensive recon, web pentest, threat hunting, detection engineering, SOC operations

You do not need to be a security expert to use these skills. The skills are written so the AI agent can run them end-to-end and explain the findings in language any technical reader can follow. If you can describe what you have and what you want to know about it, the agent can do the work.

Skills are authored as Claude Code [`SKILL.md` files](https://code.claude.com/docs/en/skills) (the canonical format) and built into adapters for Cursor and Codex. Installable via [`npx skills`](https://github.com/vercel-labs/skills) or the Claude Code plugin marketplace.

Built by [Bri Russell](https://github.com/briiirussell). I run real audits with these skills, then bring the gaps I find back into the skill itself — so each version is a little less opinion and a little more evidence.

**Contributions welcome!** Field feedback is the most valuable contribution — whether you're a security engineer who hit a gap during an audit, a developer whose AI agent missed something obvious, or a founder who used a skill and got an answer that wasn't quite right. [Open a PR](#contributing) or [open an issue](https://github.com/briiirussell/cybersecurity-skills/issues) — every level of expertise produces useful signal.

## Where to start

View full repository on GitHub →