/ 디렉터리 / 플레이그라운드 / claude-cybersecurity
← 모든 서버 ↗ GitHub
● 커뮤니티 AgriciDaniel ⚡ 바로 사용

claude-cybersecurity

제작: AgriciDaniel · AgriciDaniel/claude-cybersecurity

Defensive code-review skill: 8 parallel agents for vulns, authz, secrets, supply chain, IaC, threat intel, AI-code patterns, and business-logic flaws — OWASP 2025 + CWE Top 25 + MITRE.

Zero-config defensive security review built for Claude Code. Deploys 8 specialist agents in parallel covering vulnerability detection, authorization, secret scanning, supply chain, IaC, threat intel (malware / C2 / backdoor patterns), AI-generated code patterns, and business logic flaws. Maps findings to OWASP 2025, CWE Top 25, MITRE ATT&CK, PCI-DSS. 11+ languages. Complements (not replaces) GitHub Advanced Security.

▶ 데모 보기 📦 설치 💡 사용 사례

왜 쓰나요

핵심 기능

라이브 데모

실제 사용 모습

claude-cybersecurity-skill.replay ▶ 준비됨
0/0

설치

클라이언트 선택

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop → Settings → Developer → Edit Config 열기. 저장 후 앱 재시작.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Cursor는 Claude Desktop과 동일한 mcpServers 스키마 사용. 프로젝트 설정이 전역보다 우선.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Cline 사이드바의 MCP Servers 아이콘 클릭 후 "Edit Configuration" 선택.

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop과 같은 형식. Windsurf 재시작 후 적용.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "claude-cybersecurity-skill",
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ]
    }
  ]
}

Continue는 맵이 아닌 서버 오브젝트 배열 사용.

~/.config/zed/settings.json
{
  "context_servers": {
    "claude-cybersecurity-skill": {
      "command": {
        "path": "git",
        "args": [
          "clone",
          "https://github.com/AgriciDaniel/claude-cybersecurity",
          "~/.claude/skills/claude-cybersecurity"
        ]
      }
    }
  }
}

context_servers에 추가. 저장 시 Zed가 핫 리로드.

claude mcp add claude-cybersecurity-skill -- git clone https://github.com/AgriciDaniel/claude-cybersecurity ~/.claude/skills/claude-cybersecurity

한 줄 명령. claude mcp list로 확인, claude mcp remove로 제거.

사용 사례

실전 활용법: claude-cybersecurity

Pre-release security review of a new service

👤 Engineering teams before shipping to production ⏱ ~60 min intermediate

언제 쓸까: Before a release with a new or heavily changed service.

사전 조건
  • Skill installed — git clone https://github.com/AgriciDaniel/claude-cybersecurity ~/.claude/skills/claude-cybersecurity
흐름
  1. Run the full 8-agent pass
    Use claude-cybersecurity on services/payment. Full pass — vulns, authz, secrets, supply chain, IaC, business logic.✓ 복사됨
    → Report with findings per agent, severity, OWASP/CWE mapping
  2. Triage and route
    Group by severity. For each critical/high, draft a GitHub issue with reproduction steps.✓ 복사됨
    → Issue drafts ready to paste

결과: A defensible pre-release sign-off with a paper trail.

함정
  • Treating business-logic flags as false positives automatically — Those are the ones static tools miss — read them twice
함께 쓰기: github · repo-forensics-skill

Review AI-generated code for the mistakes LLMs make

👤 Teams accepting lots of PR code from Copilot/Claude/Cursor ⏱ ~45 min intermediate

언제 쓸까: Auditing merged or pending PRs that were AI-assisted.

흐름
  1. Focus on the AI-code agent
    Use claude-cybersecurity — ai-code patterns only. Flag: hallucinated middleware, plausible-but-wrong crypto, trust-all defaults.✓ 복사됨
    → Pattern-specific flags
  2. Cross-check authz flags
    Now run the authorization agent — AI tends to miss role checks on non-happy paths.✓ 복사됨
    → Authz matrix showing gaps

결과: Catch the class of mistakes LLMs make before they ship.

함께 쓰기: github

Sweep infrastructure-as-code for dangerous defaults

👤 Platform teams ⏱ ~30 min intermediate

언제 쓸까: Before merging Terraform / K8s / CloudFormation changes.

흐름
  1. Run IaC agent
    Use claude-cybersecurity IaC agent on terraform/ — flag public S3, open security groups, privileged pods.✓ 복사됨
    → Misconfigs with severity + fix diffs

결과: Clean IaC before it hits the cluster.

Scan for malware / C2 / backdoor patterns in dependencies

👤 Security engineers auditing third-party code ⏱ ~30 min intermediate

언제 쓸까: New dependency coming in, or suspicious dep update.

흐름
  1. Run threat-intel agent
    Run claude-cybersecurity threat-intel on node_modules — known malicious patterns.✓ 복사됨
    → Pattern matches (or clean)

결과: Early warning before a malicious package slips in.

함정
  • False positives on obfuscated legitimate libs (e.g. minified SDKs) — Cross-check with published source; don't auto-remove
함께 쓰기: repo-forensics-skill

조합

다른 MCP와 조합해 10배 효율

claude-cybersecurity-skill + repo-forensics-skill

Layer supply-chain + install-time audits with app-level code review

Run repo-forensics on the dep tree, then claude-cybersecurity on our app code.✓ 복사됨
claude-cybersecurity-skill + github

Auto-file issues for each high-severity finding

After the review, open a GitHub issue per high finding with CWE + remediation.✓ 복사됨

도구

이 MCP가 노출하는 것

도구입력언제 호출비용
agent_vulns code path Standard review 0
agent_authz code path Multi-role apps 0
agent_secrets code path Always 0
agent_supply_chain manifest files Dep updates 0
agent_iac iac dir Infra PRs 0
agent_threat_intel code/deps path Third-party audits 0
agent_ai_code code path AI-assisted PRs 0
agent_business_logic code path, domain hints High-trust workflows (payments, auth) 0

비용 및 제한

운영 비용

API 쿼터
None
호출당 토큰
High — 8 agents in parallel
금액
Free
Scope to the diff of a PR rather than whole repo when you can

보안

권한, 시크릿, 파급범위

최소 스코프: Read on the code under review
자격 증명 저장: None
데이터 외부 송신: None beyond LLM call — findings stay local
절대 부여 금지: Write access to the audited repo during review

문제 해결

자주 발생하는 오류와 해결

Too many findings to process

Filter by severity=high,critical first; revisit rest iteratively

Agent mislabels framework conventions as vulns

Provide framework context: 'this is Rails, strong_params is in use'

대안

claude-cybersecurity 다른 것과 비교

대안언제 쓰나단점/장점
repo-forensicsYou need install-time / supply-chain vetting, not app code reviewDifferent threat model
GitHub Advanced Security (CodeQL)You want SAST integrated into the PR workflowMisses business logic and AI patterns

더 보기

리소스

📖 GitHub에서 공식 README 읽기

🐙 열린 이슈 보기

🔍 400+ MCP 서버 및 Skills 전체 보기