Anthropic Cybersecurity Skills
by mukul975
Mukul975 published 754 structured cybersecurity skills for Claude and any MCP-compatible AI agent. Apache 2.0 license. Every skill mapped to at least one major security or compliance framework.

If you run security work through an AI agent in 2026, this is the largest framework-aligned skill library in the public ecosystem.

What Actually Ships
The repo contains 754 Markdown files. Each file is a self-contained skill with metadata, an input contract, an output contract, and framework tags. The skill topics span the full cybersecurity lifecycle:
- Offensive: reconnaissance, initial access, privilege escalation, lateral movement, data exfiltration — all aligned to MITRE ATT&CK tactics and techniques.
- Defensive: detection engineering, incident response playbooks, forensics workflows — aligned to MITRE D3FEND countermeasure families.
- Governance: NIST CSF 2.0 controls across Identify, Protect, Detect, Respond, Recover, and the new Govern function.
- AI-specific threats: MITRE ATLAS-aligned adversarial ML skills plus NIST AI RMF-aligned risk management skills.
- Regulation: Colorado AI Act compliance skills — one of the first frameworks to map state AI regulation into agent-consumable form.

Why Framework Mappings Matter
Most agent skill packs are unstructured: a Markdown file with a vague title and a few bullet points. They are useful for demos and useless for audit.

This repo does the unsexy work of tagging every skill to a recognized framework control. That is what makes it usable for real security teams. When your CISO asks 'which skills cover NIST CSF 2.0 Protect.AA (Identity Management and Access Control)?' the repo has a filter-ready answer. When compliance asks 'show me the full coverage map for the Colorado AI Act,' the repo has it.

The mapping work is what turns an agent from a demo into a deployable teammate.

How to Use It
Clone the repo. Point your agent framework at the skills directory. Claude Code, Cursor, Nanobot, and any agentskills.io-compatible runtime will pick up the skills as available tools. The Markdown format means you can edit, extend, or fork individual skills without touching the broader library.

For team deployments, pin a specific commit in your agent config so the skill set is reproducible across runs. The repo is under active development — versions matter.

Who Should Install It
Install it if you run security workflows through an AI agent and you need framework-aligned knowledge for audit, compliance, or consistent incident response. That includes SOC teams, red teams, compliance groups, CISOs standardizing on agent-driven processes, and anyone subject to the Colorado AI Act.

Skip it if your agent work is unrelated to security. The skill library is deep but narrow — it is a security specialist, not a general-purpose knowledge pack.

Related Resources
- Article: DeepSeek V4 launched — the open-weight frontier model these skills plug straight into.
- Tool: DeepSeek V4 — pair with this skill library for a cost-efficient security agent at $3.48/M output.
- Repo: HKUDS Nanobot — lightweight Python agent that can load these skills in a single config line.
- MCP server: Vercel Next.js DevTools MCP — pair this skill library with DevTools MCP for security-aware Next.js agent reviews.
Key Features
- 754 structured cybersecurity skills covering offensive, defensive, governance, and compliance work
- Mapped to MITRE ATT&CK framework — every skill tagged with the tactic and technique it supports
- Mapped to NIST CSF 2.0 — skills organized by Identify, Protect, Detect, Respond, Recover, Govern
- MITRE ATLAS coverage for AI/ML adversarial threat modeling
- MITRE D3FEND mappings for defensive countermeasures
- NIST AI RMF coverage for AI-specific risk management
- Colorado AI Act compliance skills — one of the first frameworks to address state AI regulation
- Apache 2.0 license — commercial use and redistribution permitted
- Markdown-based skill format — compatible with the Agent Skills standard (agentskills.io)
Use Cases
- Security teams equipping Claude or any MCP-compatible agent with structured knowledge for SOC workflows
- Compliance officers auditing AI-generated code against NIST CSF 2.0 and NIST AI RMF
- Red team operators needing MITRE ATT&CK-aligned skill packs for agent-driven tabletop exercises
- Companies subject to the Colorado AI Act who need pre-mapped compliance skills for their agent stack
- CISOs standardizing on a single skill library across multiple agents (Claude, Gemini, GPT, self-hosted)