feat: model serving + GPU cluster security skills#7
Merged
Conversation
Two new skills filling gaps in AI infrastructure security:

model-serving-security (16 checks, 31 tests):
- Auth & RBAC (3): endpoint auth, hardcoded secrets, role-based access
- Abuse prevention (2): rate limiting, input size limits
- Data egress (3): output filtering, memorization guard, PII in logs
- Runtime (3): no privileged, read-only rootfs, non-root user
- Network (2): TLS enforced, no public endpoints
- Safety (3): prompt injection guard, content safety, model versioning
- Mapped to: MITRE ATLAS, NIST CSF 2.0, OWASP LLM Top 10

gpu-cluster-security (13 checks, 31 tests):
- Runtime isolation (3): no privileged GPU, device plugin, no host IPC
- Driver/CUDA (2): known CVE check, CUDA version compliance
- Network (2): InfiniBand segmentation, NetworkPolicy on GPU namespaces
- Storage (2): /dev/shm limits, model weight encryption
- Tenant (2): namespace isolation, GPU resource quotas
- Observability (2): DCGM monitoring, audit logging
- Mapped to: MITRE ATT&CK, NIST CSF 2.0, CIS Controls v8

Both skills include:
- Mermaid architecture diagrams
- Security guardrails (read-only, no API calls, safe for production)
- Human-in-the-loop policy (automated assessment, human for remediation)
- Compliance framework mappings with specific control IDs
- JSON/console output with exit codes for CI/CD
- Full test suites (62 tests total, all passing)

CI updated to run both new test suites. README + CLAUDE.md updated with new skills.
Summary
Two new security benchmark skills filling critical gaps in AI infrastructure security — no CIS benchmark exists for either domain today.
model-serving-security (16 checks, 31 tests)
Audits model deployment infrastructure: API gateways, Kubernetes serving pods, cloud-native endpoints.
Mapped to: MITRE ATLAS (7 techniques), NIST CSF 2.0, OWASP LLM Top 10
gpu-cluster-security (13 checks, 31 tests)
Audits GPU compute clusters: Kubernetes, Docker, bare-metal.
Mapped to: MITRE ATT&CK (7 techniques), NIST CSF 2.0, CIS Controls v8
Both skills include
Also includes
Test plan
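As an added illustration of the kind of read-only runtime check the PR describes (not code from this PR or the project), the snippet below audits a Kubernetes pod spec for the listed runtime controls (no privileged, read-only rootfs, non-root user, no host IPC) and emits JSON with a CI-style exit code. The pod spec and the function names are constructed for this example.

```python
import json
import sys

# Constructed sample: a model-serving pod with several weak settings.
SAMPLE_POD = {
    "metadata": {"name": "llm-serving", "namespace": "inference"},
    "spec": {
        "hostIPC": True,
        "containers": [
            {"name": "server",
             "securityContext": {"privileged": True, "runAsNonRoot": False},
             "resources": {"limits": {"nvidia.com/gpu": 1}}},
            {"name": "sidecar",
             "securityContext": {"readOnlyRootFilesystem": True,
                                 "runAsNonRoot": True, "privileged": False}},
        ],
    },
}

def audit_pod(pod):
    """Return a list of findings; each names the control and the container."""
    findings = []
    spec = pod.get("spec", {})
    if spec.get("hostIPC"):
        findings.append({"check": "no-host-ipc", "container": None,
                         "detail": "hostIPC shares the node's IPC namespace and /dev/shm"})
    for c in spec.get("containers", []):
        sc = c.get("securityContext") or {}
        if sc.get("privileged"):
            findings.append({"check": "no-privileged", "container": c["name"],
                             "detail": "privileged exposes all host devices"})
        if not sc.get("readOnlyRootFilesystem"):
            findings.append({"check": "read-only-rootfs", "container": c["name"],
                             "detail": "root filesystem is writable"})
        if not sc.get("runAsNonRoot"):
            findings.append({"check": "non-root-user", "container": c["name"],
                             "detail": "container may run as uid 0"})
    return findings

def report(pod):
    """JSON report plus exit code for CI: 0 when clean, 1 when findings exist."""
    findings = audit_pod(pod)
    out = {"pod": pod["metadata"]["name"], "findings": findings,
           "status": "FAIL" if findings else "PASS"}
    return json.dumps(out, indent=2), (1 if findings else 0)

if __name__ == "__main__":
    text, code = report(SAMPLE_POD)
    print(text)
    sys.exit(code)
```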