What cloud providers are supported by this skill?

This skill specifically provides hardening patterns for AWS and Kubernetes environments, focusing on CIS benchmarks and secure configuration.

Can this skill help manage sensitive credentials?

Yes, it provides implementation examples for using the External Secrets Operator to sync secrets from AWS Secrets Manager into Kubernetes securely.

Does it help with Kubernetes Pod Security?

Yes, it includes patterns for implementing secure Pod Security Contexts, such as running as non-root, disabling privilege escalation, and using read-only root filesystems.

Which security scanners does this skill help me use?

The skill provides guidance and commands for Trivy (containers), tfsec and Checkov (IaC), and kubesec (Kubernetes manifests).

Infrastructure Security Hardening

Name: Infrastructure Security Hardening
Author: timequity

bytimequity

0•

Security & Testing

Hardens cloud infrastructure and Kubernetes environments using CIS benchmarks, secure configuration patterns, and automated vulnerability scanning.

The Infrastructure Security Hardening skill provides Claude with domain-specific knowledge to secure cloud deployments and containerized workloads. It offers implementation patterns for AWS CIS benchmarks, Kubernetes pod security contexts, and network policies to ensure environment resilience. By integrating best practices for secrets management via External Secrets Operator and automated scanning tools like Trivy, tfsec, and Checkov, this skill helps developers proactively identify and remediate vulnerabilities in their infrastructure as code and container images.

Key Features

01Secure secrets management using External Secrets Operator and AWS Secrets Manager

02Pod security hardening including non-root execution and read-only filesystems

03Kubernetes RBAC and network policy configuration patterns

04AWS CIS benchmark compliance auditing and implementation

05Integration with vulnerability scanners like Trivy, tfsec, and Checkov

060 GitHub stars

Use Cases

01Hardening Kubernetes clusters for production-grade security compliance

02Automating infrastructure-as-code (IaC) security scanning during the development lifecycle

03Auditing and securing AWS environments based on industry-standard benchmarks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add timequity/plugins security-hardening

For use in Claude.ai and ChatGPT

Download Skill