// Agent profile
Anthropic-Cybersecurity-Skills (mukul975/Anthropic-Cybersecurity-Skills) is a community-created repository of 817 structured cybersecurity skills for AI agents, each following the agentskills.io open standard. Every skill is mapped to six industry frameworks: MITRE ATT&CK (754/754 Enterprise techniques across all 14 tactics), NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF, and the MITRE Fight Fraud Framework (F3). At 21K GitHub stars (+600/day), it covers 29 security domains and works with 26+ AI agent platforms including Claude Code, GitHub Copilot, Cursor, Codex CLI, Gemini CLI, Aider, Continue, Roo Code, Amazon Q, Devin, LangChain, CrewAI, AutoGen, and any MCP-compatible agent. Apache 2.0 licensed. Not affiliated with Anthropic PBC.
Anthropic-Cybersecurity-Skills is a community-created library of 817 structured cybersecurity skills designed to give AI coding agents deep security domain knowledge. Each skill follows the agentskills.io open standard — a structured format that any compatible agent platform can consume — and is mapped to six industry-standard security frameworks. The project is not affiliated with Anthropic PBC despite its name; it was built independently by the community.
At 21K GitHub stars with +600 new stars per day, it has become the largest structured cybersecurity skill set for AI agents. The repository covers 29 security domains spanning offensive security, defensive operations, threat intelligence, incident response, compliance, cloud security, and more.
The core value is framework coverage depth. Every skill maps to MITRE ATT&CK Enterprise (754/754 techniques across all 14 tactics), giving agents complete coverage of the adversary behavior taxonomy. Skills also map to NIST Cybersecurity Framework 2.0 for organizational security posture, MITRE ATLAS for AI/ML-specific threats, D3FEND for defensive countermeasures, NIST AI RMF for AI risk management, and the MITRE Fight Fraud Framework (F3) for fraud detection.
Each skill includes structured metadata — description, prerequisites, expected outputs, and framework mappings — stored in the skill’s references/standards.md file. An ATT&CK Navigator layer ships with each release for visual coverage analysis.
Security teams use these skills to augment AI coding agents with cybersecurity expertise — an agent equipped with these skills can perform threat modeling, write detection rules, analyze incident indicators, assess compliance gaps, and generate security documentation. The platform-agnostic design means the same skill set works across Claude Code, GitHub Copilot, Cursor, Codex CLI, Gemini CLI, and 20+ other agent platforms. Particularly valuable for DevSecOps teams wanting to shift security left by giving their coding agents native security awareness.
This is a skill definition library, not a runtime security tool. The skills provide structured knowledge that agents consume — they don’t execute security scans or active defense on their own. Effectiveness depends on the underlying agent platform’s ability to interpret and apply the skill definitions. The “Anthropic” in the name is a community choice, not an official endorsement.
Local-first session intelligence and analytics platform for coding agents, supporting Claude Code, Codex, and 20+ other agents.
Disposable, network-restricted Linux VMs for AI coding agents — hypervisor isolation without Dockerfiles or devcontainers.
Tool-output sandboxing layer that cuts agent context spend 60-98% on multi-step coding loops by isolating intermediate command output.