Security patterns and hardening guides for cloud-native applications, GitHub Actions, and supply chain security
Why pinning GitHub Actions to SHA-256 commits matters for supply chain security. Attack vectors from unpinned actions and comparison of tag vs SHA pinning.
Copy-paste hardened CI/CD workflows with SHA-pinned actions, minimal GITHUB_TOKEN permissions, OIDC authentication, and comprehensive security scanning for GitHub Actions.
Deployment protection with environment protection rules, required reviewers, wait timers, and approval gates for production deployments.
Disposable runner patterns for GitHub Actions. Container-based, VM-based, and ARC deployment strategies with complete state isolation between jobs.
Quick reference for GitHub Actions security patterns. Copy-paste snippets for action pinning, token permissions, secrets, runners, and workflow hardening.
Claude Code skills marketplace for secure development patterns, enforcement automation, and build engineering.
Status: 🚧 Under active development
# Add the AEL skills marketplace
/plugin marketplace add adaptive-enforcement-lab/claude-skills
# Install individual plugin collections
/plugin install patterns@ael-skills
/plugin install enforcement@ael-skills
/plugin install build@ael-skills
Reusable engineering patterns automatically generated from AEL documentation:
Security and compliance enforcement automation from AEL enforcement guides:
Build engineering patterns from AEL build guides:
All skills in this repository are automatically generated from AEL documentation:
To auto-register this marketplace for your team, add to .claude/settings.json in your project:
{
  "extraKnownMarketplaces": {
    "ael-skills": {
      "source": {
        "source": "github",
        "repo": "adaptive-enforcement-lab/claude-skills"
      }
    }
  },
  "enabledPlugins": {
    "patterns@ael-skills": true,
    "enforcement@ael-skills": true,
    "build@ael-skills": true
  }
}
.claude-plugin/
└── marketplace.json          # Marketplace catalog
plugins/                      # Generated plugins (DO NOT EDIT)
├── patterns/
│   ├── .claude-plugin/
│   │   └── plugin.json       # Plugin metadata
│   └── skills/               # Pattern skills
├── enforce/
│   ├── .claude-plugin/
│   │   └── plugin.json       # Plugin metadata
│   └── skills/               # Enforcement skills
├── build/
│   ├── .claude-plugin/
│   │   └── plugin.json       # Plugin metadata
│   └── skills/               # Build skills
└── secure/
    ├── .claude-plugin/
    │   └── plugin.json       # Plugin metadata
    └── skills/               # Security skills
skillgen/                     # Generator source
├── cmd/skillgen/             # Main application
├── internal/
│   ├── domain/               # Core entities
│   ├── ports/                # Interfaces
│   ├── adapters/             # Implementations
│   └── services/             # Business logic
└── templates/                # Go templates
.github/workflows/
└── generate-skills.yml       # CI automation
# Build the generator
cd skillgen && go build -o ../bin/skillgen ./cmd/skillgen
# Run generator (from repo root)
./bin/skillgen \
  --source ../adaptive-enforcement-lab-com/docs \
  --output plugins \
  --plugin-metadata ./plugin-metadata.json \
  --release-manifest ./.release-please-manifest.json
# Run tests
cd skillgen && go test ./...
See CONTRIBUTING.md for detailed development guidelines.
This project follows Clean/Hexagonal Architecture:
internal/domain: Core entities and business logic
internal/ports: Interfaces for external dependencies
internal/adapters: Implementations (filesystem, parsers)
internal/services: Application services (extractors, generators)
cmd/skillgen: Entry point and dependency injection
Releases are automated using release-please:
Contributions are welcome! See CONTRIBUTING.md for:
For security vulnerability reporting, see SECURITY.md.
Turn secure development into an enforced standard, not an afterthought.
npx claudepluginhub adaptive-enforcement-lab/claude-skills --plugin secure
Reusable engineering patterns for error handling, state management, performance optimization, and resilience
Build engineering patterns for CI/CD pipelines, release automation, and deployment strategies
Security and compliance enforcement automation including pre-commit hooks, policy checks, and validation
Comprehensive security plugin: OWASP Top 10, authentication patterns, cryptography, API security, secrets management, supply chain security, DevSecOps, container security, zero trust, and threat modeling.
Audit and harden your software supply chain - packages, containers, GitHub Actions, IaC, AI/ML models, and IDE extensions. Action commands fix issues directly; walkthrough commands guide you through advanced setup.
Find security misconfigurations
Editorial "Security Engineer" bundle for Claude Code from Antigravity Awesome Skills.
Security skills for AI coding agents — supply chain incident response, credential rotation, IOC detection, and dependency hardening across npm, PyPI, GitHub Actions, and more
Security best practices advisor with vulnerability detection and fixes