From 71ea4e69472a1d1779d625d718f6a26e3c05abfc Mon Sep 17 00:00:00 2001 From: Wegz Date: Thu, 9 Apr 2026 00:14:21 -0400 Subject: [PATCH 1/2] =?UTF-8?q?fix:=20tighten=20README=20=E2=80=94=20accur?= =?UTF-8?q?ate=20description,=20scanned-by=20badge,=20skill=20usage?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8556a2b..0db9787 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,11 @@ [![CI](https://github.com/msaad00/cloud-security/actions/workflows/ci.yml/badge.svg)](https://github.com/msaad00/cloud-security/actions/workflows/ci.yml) [![License: Apache 2.0](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](LICENSE) [![Python 3.11+](https://img.shields.io/badge/python-3.11+-blue.svg)](https://www.python.org/downloads/) -Production-grade cloud security benchmarks and automation — CIS checks for AWS/GCP/Azure, Kubernetes and container hardening, model serving security, GPU cluster security, IAM remediation, and vulnerability response pipelines. Each skill is compliance-mapped, tested, and ready to deploy. +[![Scanned by agent-bom](https://img.shields.io/badge/scanned_by-agent--bom-164e63)](https://github.com/msaad00/agent-bom) + +Production-grade cloud security benchmarks and automation — 10 skills, 159 tests, compliance-mapped to MITRE ATT&CK, NIST CSF, CIS, ISO 27001, and SOC 2. + +Each skill is a standalone Python script with its own checks, tests, examples, and SKILL.md definition following [Anthropic's skill spec](https://docs.anthropic.com). Skills can be used directly from the CLI, integrated into CI/CD pipelines, or referenced by AI agents that read SKILL.md files (Claude Desktop, Cortex Code, etc.). ## Skills From 7aa9706db4451d368d04f4b31cc8e37b8a5dc29b Mon Sep 17 00:00:00 2001 
From: Wegz Date: Thu, 9 Apr 2026 00:15:00 -0400 Subject: [PATCH 2/2] fix: expand IAM departures diagram with reconciler + target detail --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 0db9787..af2191f 100644 --- a/README.md +++ b/README.md @@ -29,10 +29,10 @@ Each skill is a standalone Python script with its own checks, tests, examples, a ```mermaid flowchart LR HR["HR Sources\nWorkday · Snowflake\nDatabricks · ClickHouse"] - REC["Reconciler\nSHA-256 diff"] - SFN["Step Function\nParser → Worker"] - TGT["IAM Cleanup\n13 steps · 5 clouds"] - AUDIT["Audit\nDDB + S3"] + REC["Reconciler\nSHA-256 row diff\nchange detect → S3 manifest\nKMS encrypted"] + SFN["Step Function\nParser: validate · grace period · rehire\nWorker: 13-step IAM cleanup"] + TGT["5 Cloud Targets\nAWS IAM · Azure Entra\nGCP IAM · Snowflake · Databricks"] + AUDIT["Audit Trail\nDynamoDB + S3\nwarehouse ingest-back"] HR --> REC --> SFN --> TGT --> AUDIT
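Review bot: In PATCH 1/2 (README.md hunk at line 3), the added `Scanned by agent-bom` badge is a static shields.io image (`img.shields.io/badge/scanned_by-agent--bom-164e63`) that links to the tool's repository, so unlike the CI badge above it, which is served from `actions/workflows/ci.yml/badge.svg`, it is not tied to any scan run or result and will render the same whether or not a scan happened or passed. Suggest pointing it at a workflow status badge or a published scan report, or dropping it. Two smaller points in the same hunk: the hard-coded "10 skills, 159 tests" will go stale as soon as a skill or test is added, so consider generating the counts or omitting them; and the "Anthropic's skill spec" link targets the `https://docs.anthropic.com` root rather than the spec page itself.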
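Review bot: In PATCH 2/2 (README.md hunk at line 29), the new `REC` label ends with a standalone `KMS encrypted` line that does not say what is encrypted; as written it could refer to the S3 manifest, the row hashes or the source data. Suggest attaching it to the object, for example `change detect → S3 manifest (KMS-encrypted)`. Also in this hunk, the new `TGT` node lists Snowflake and Databricks as cleanup targets while the unchanged `HR` node lists them as HR sources; a short note in the surrounding README text on the two roles would keep the diagram from reading as a loop. The `warehouse ingest-back` line in `AUDIT` is not explained anywhere in the visible context and would benefit from a short definition.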