Stats
Actions
Tags
From cps-cyber
Cybersecurity skills — maturity assessment, iso 27001 gap, threat modeling, secure-by-design review, and more. Apply when the engagement scope includes cybersecurity work or the consultant references cybersecurity, ISO 27001, NIST CSF.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cps-cyber:cyberThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
**Code:** CYBER
Code: CYBER Full name: Cybersecurity Description: Advisory across security strategy, ISO 27001 readiness, threat modeling, secure-by-design reviews, and security operations maturity.
| # | Skill | Command | Purpose |
|---|---|---|---|
| 1 | Maturity Assessment | /cps-cyber:maturity-assess | Score the client's security capabilities against NIST CSF / ISO 27001 controls. |
| 2 | ISO 27001 Gap | /cps-cyber:iso27001-gap | Map current controls to ISO 27001 Annex A; produce a gap register and remediation plan. |
| 3 | Threat Modeling | /cps-cyber:threat-model | Run STRIDE / PASTA on a target system; produce threat register + mitigations. |
| 4 | Secure-by-Design Review | /cps-cyber:secure-by-design | Architectural review for new systems against secure-by-design principles. |
| 5 | Incident Runbook | /cps-cyber:incident-runbook | Author / refresh incident response runbooks with severity tiers and playbooks. |
| 6 | Vendor Risk Assessment | /cps-cyber:vendor-risk | Score third-party vendors on security posture using CAIQ / SIG Lite. |
/cps-cyber:maturity-assessScore the client's security capabilities against NIST CSF / ISO 27001 controls.
client:
name: "Client Name"
industry: "Industry"
context:
scope: "in-scope description"
constraints: ["constraint 1", "constraint 2"]
references:
- "Prior deliverable / document name"
- "External benchmark / source"
/cps:verify-quality and pass through Every control gap mapped to a CIS Critical Security Control or ISO 27001 Annex A clause.A CPS-branded Maturity Assessment deliverable in 05_Deliverables_Final/. Pyramid-Principle structured, sourced, and reviewed.
/cps-cyber:iso27001-gapMap current controls to ISO 27001 Annex A; produce a gap register and remediation plan.
client:
name: "Client Name"
industry: "Industry"
context:
scope: "in-scope description"
constraints: ["constraint 1", "constraint 2"]
references:
- "Prior deliverable / document name"
- "External benchmark / source"
/cps:verify-quality and pass through Every control gap mapped to a CIS Critical Security Control or ISO 27001 Annex A clause.A CPS-branded ISO 27001 Gap deliverable in 05_Deliverables_Final/. Pyramid-Principle structured, sourced, and reviewed.
/cps-cyber:threat-modelRun STRIDE / PASTA on a target system; produce threat register + mitigations.
client:
name: "Client Name"
industry: "Industry"
context:
scope: "in-scope description"
constraints: ["constraint 1", "constraint 2"]
references:
- "Prior deliverable / document name"
- "External benchmark / source"
/cps:verify-quality and pass through Every control gap mapped to a CIS Critical Security Control or ISO 27001 Annex A clause.A CPS-branded Threat Modeling deliverable in 05_Deliverables_Final/. Pyramid-Principle structured, sourced, and reviewed.
/cps-cyber:secure-by-designArchitectural review for new systems against secure-by-design principles.
client:
name: "Client Name"
industry: "Industry"
context:
scope: "in-scope description"
constraints: ["constraint 1", "constraint 2"]
references:
- "Prior deliverable / document name"
- "External benchmark / source"
/cps:verify-quality and pass through Every control gap mapped to a CIS Critical Security Control or ISO 27001 Annex A clause.A CPS-branded Secure-by-Design Review deliverable in 05_Deliverables_Final/. Pyramid-Principle structured, sourced, and reviewed.
/cps-cyber:incident-runbookAuthor / refresh incident response runbooks with severity tiers and playbooks.
client:
name: "Client Name"
industry: "Industry"
context:
scope: "in-scope description"
constraints: ["constraint 1", "constraint 2"]
references:
- "Prior deliverable / document name"
- "External benchmark / source"
/cps:verify-quality and pass through Every control gap mapped to a CIS Critical Security Control or ISO 27001 Annex A clause.A CPS-branded Incident Runbook deliverable in 05_Deliverables_Final/. Pyramid-Principle structured, sourced, and reviewed.
/cps-cyber:vendor-riskScore third-party vendors on security posture using CAIQ / SIG Lite.
client:
name: "Client Name"
industry: "Industry"
context:
scope: "in-scope description"
constraints: ["constraint 1", "constraint 2"]
references:
- "Prior deliverable / document name"
- "External benchmark / source"
/cps:verify-quality and pass through Every control gap mapped to a CIS Critical Security Control or ISO 27001 Annex A clause.A CPS-branded Vendor Risk Assessment deliverable in 05_Deliverables_Final/. Pyramid-Principle structured, sourced, and reviewed.
Discovery → /cps-cyber:maturity-assess → /cps-cyber:iso27001-gap → Recommendations
| Plugin | Integration point |
|---|---|
cps-iso | Joint ISO 27001 + ISO 9001/42001 readiness work |
cps-risk | Map cyber risks into the enterprise risk register |
cps-aig | AI governance security control overlay (ISO 42001 + 27001) |
All deliverables use standard CPS branding via:
/doc-gen for document generationassets/cps-branding.json for stylingscripts/cps-document-generator.js for automation| Skill | Primary artifact | Format |
|---|---|---|
/cps-cyber:maturity-assess | Maturity Assessment Report | DOCX/PDF |
/cps-cyber:iso27001-gap | ISO 27001 Gap Report | DOCX/PDF |
/cps-cyber:threat-model | Threat Modeling Report | DOCX/PDF |
/cps-cyber:secure-by-design | Secure-by-Design Review Report | DOCX/PDF |
/cps-cyber:incident-runbook | Incident Runbook Report | DOCX/PDF |
/cps-cyber:vendor-risk | Vendor Risk Assessment Report | DOCX/PDF |
npx claudepluginhub hossamdaoud83/cps-plugins-official --plugin cps-cyberProvides CDSS development patterns for drug interaction checking, dose validation, clinical scoring (NEWS2, qSOFA), and alert classification integrated into EMR workflows.