From prodsec-skills
Enforces centralized security logging for model registries. Covers events to log, structured JSON format, standard protocols, and implementation checklist.
Slash command: `/prodsec-skills:model-registry-logging`
Model registry accesses, model uploads and downloads, and any security events MUST be sent to a centralized logging facility using standard protocols.
| Event Category | Specific Events |
|---|---|
| Access events | User logins, API access, storage access |
| Model lifecycle | Model uploads, downloads, deletions, version changes |
| Security events | Signature verification failures, scanning results, access denials |
| Administrative events | Configuration changes, permission changes, user management |
| Anomalies | Unusual download patterns, access from unexpected sources |

| Requirement | Details |
|---|---|
| Centralized destination | All logs sent to a central logging facility (SIEM, ELK, Splunk) |
| Standard protocols | Use standard log shipping protocols (syslog, OTLP, Fluentd) |
| Structured format | Logs in structured format (JSON) with consistent field names |
| Identity included | Every log entry includes the authenticated principal's identity |
| Tamper protection | Logs should not be modifiable by the application or its operators |
| Retention | Log retention per organizational and regulatory requirements |

```json
{
  "timestamp": "2026-03-03T10:30:00Z",
  "event_type": "model.signature_verification_failed",
  "severity": "high",
  "principal": "pipeline:ci-model-upload",
  "model_id": "llama-3-fine-tuned-v2",
  "details": "Signature verification failed: unknown signing key",
  "source_ip": "10.0.1.50",
  "registry": "prod-model-registry"
}
```
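One way to emit events in the shape shown above and ship them over syslog, as an added example that is not part of the skill itself. The function names, the severity scale and the collector address are assumptions; the field names are taken from the sample event.

```python
import json
import logging
import logging.handlers
from datetime import datetime, timezone

# Assumed severity scale; the page's sample event only shows "high".
SEVERITIES = {"low", "medium", "high", "critical"}


def build_event(event_type, severity, principal, model_id, details,
                source_ip, registry, now=None):
    """Return one registry event as a single-line JSON string."""
    if not principal or not principal.strip():
        # "Identity included": refuse entries with no authenticated principal.
        raise ValueError("principal is required on every log entry")
    if severity not in SEVERITIES:
        raise ValueError(f"unknown severity: {severity!r}")
    ts = (now or datetime.now(timezone.utc)).astimezone(timezone.utc)
    event = {
        "timestamp": ts.strftime("%Y-%m-%dT%H:%M:%SZ"),
        "event_type": event_type,
        "severity": severity,
        "principal": principal,
        "model_id": model_id,
        "details": details,
        "source_ip": source_ip,
        "registry": registry,
    }
    # json.dumps escapes control characters, so untrusted text in "details"
    # or "model_id" cannot break the record into extra forged log lines.
    return json.dumps(event, separators=(",", ":"))


def syslog_logger(address=("127.0.0.1", 514)):
    """Logger that ships events to a collector over syslog (UDP).

    The address is a placeholder for the central logging facility.
    """
    logger = logging.getLogger("model-registry.audit")
    logger.setLevel(logging.INFO)
    if not logger.handlers:
        handler = logging.handlers.SysLogHandler(
            address=address,
            facility=logging.handlers.SysLogHandler.LOG_AUTH)
        handler.setFormatter(logging.Formatter("model-registry: %(message)s"))
        logger.addHandler(handler)
    return logger
```

A caller would pass the result of `build_event(...)` to `syslog_logger().warning(...)` at the point where the registry rejects a signature.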
```
npx claudepluginhub redhatproductsecurity/prodsec-skills --plugin prodsec-skills
```