From cybersecurity-skills
Monitors EC2/GCE instances for runtime threats: cryptominers, reverse shells, unauthorized binaries, and C2 callbacks using boto3 and google-cloud APIs.
Slash command: /cybersecurity-skills:implementing-cloud-workload-protection
- When deploying or configuring cloud workload protection capabilities in your environment
Monitor cloud workloads for runtime threats by checking process lists, network connections, file integrity, and resource utilization anomalies.
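```python
import boto3

ssm = boto3.client("ssm")

# Run a command on EC2 instances to check for suspicious processes.
# The bracketed first letters stop grep from matching its own command line.
response = ssm.send_command(
    InstanceIds=["i-1234567890abcdef0"],
    DocumentName="AWS-RunShellScript",
    Parameters={"commands": ["ps aux | grep -E '[x]mrig|[m]inerd|[c]ryptonight'"]},
)
# send_command only queues the command; keep the ID to fetch its output later.
command_id = response["Command"]["CommandId"]
```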
Key protection areas:
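```python
# Check for unauthorized outbound connections (reuses the ssm client created above).
# "state established" replaces -l, which lists only listening sockets.
instances = ["i-1234567890abcdef0"]  # instance IDs to check
ssm.send_command(
    InstanceIds=instances,
    DocumentName="AWS-RunShellScript",
    Parameters={"commands": ["ss -tnp state established"]},
)
```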
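The snippets above only queue commands; the following added example (not part of the skill's own code) retrieves the output through SSM and triages it on the collector side. The allowlisted network, the shell-name set, the function names, and the sample output are assumptions constructed for illustration.

```python
import ipaddress
import re

MINER_RE = re.compile(r"xmrig|minerd|cryptonight", re.I)  # names from the page's grep
SHELLS = {"sh", "bash", "dash", "zsh"}  # assumption: shells should not own TCP sockets
ALLOWED_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumption: expected internal range
# Both commands exit 0 even with nothing to report, so SSM does not mark the run Failed.
PS_CMD = "ps -eo pid,user,comm,args"
SS_CMD = "ss -Htnp state established"

def fetch_output(ssm, instance_id, command):
    """Run one shell command via SSM and return its stdout; ssm is a boto3 SSM client."""
    cmd_id = ssm.send_command(
        InstanceIds=[instance_id],
        DocumentName="AWS-RunShellScript",
        Parameters={"commands": [command]},
    )["Command"]["CommandId"]
    ssm.get_waiter("command_executed").wait(CommandId=cmd_id, InstanceId=instance_id)
    result = ssm.get_command_invocation(CommandId=cmd_id, InstanceId=instance_id)
    return result["StandardOutputContent"]

def flag_processes(ps_output):
    """Return ps lines whose command matches a known miner name."""
    return [ln.strip() for ln in ps_output.splitlines() if MINER_RE.search(ln)]

def flag_connections(ss_output):
    """Return (pid, process, peer, reasons) for sockets that need a look."""
    findings = []
    for line in ss_output.splitlines():
        m = re.search(r'(\S+)\s+users:\(\("([^"]+)",pid=(\d+)', line)
        if not m:
            continue
        peer, proc, pid = m.group(1), m.group(2), int(m.group(3))
        try:
            addr = ipaddress.ip_address(peer.rsplit(":", 1)[0].strip("[]"))
            external = not any(addr in net for net in ALLOWED_NETS)
        except ValueError:
            external = True  # unparsable peer: surface it rather than skip it
        reasons = ["shell-owned socket"] * (proc in SHELLS)
        reasons += ["peer outside allowlist"] * external
        if reasons:
            findings.append((pid, proc, peer, reasons))
    return findings

# Constructed sample output, not captured from a real instance.
SAMPLE_PS = """  812 root     sshd  sshd: ec2-user [priv]
 3050 www-data xmrig ./xmrig --config=c.json"""
SAMPLE_SS = """0 0 10.0.1.15:22    10.0.0.7:51234    users:(("sshd",pid=812,fd=4))
0 0 10.0.1.15:44712 203.0.113.50:4444 users:(("bash",pid=2291,fd=3))
0 0 10.0.1.15:51980 198.51.100.9:3333 users:(("xmrig",pid=3050,fd=9))"""
```

Against a real instance, call `flag_connections(fetch_output(boto3.client("ssm"), instance_id, SS_CMD))`; the waiter raises if the command does not finish successfully.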
npx claudepluginhub costrict-plugins-repo/mukul975-anthropic-cybersecurity-skills-cybersecurity-skills

Monitors cloud workloads for runtime threats using boto3 and google-cloud APIs: process anomaly detection, file integrity checks, cryptomining/reverse shell scanning on EC2/GCE instances.
Implements cloud workload protection using boto3/google-cloud APIs for EC2/GCE runtime security: process anomaly detection, file integrity monitoring, cryptomining/reverse shell scans.