- Home
- Skills
- Williamzujkowski
- Cognitive Toolworks
- Security Assessment Orchestrator
security-assessment-orchestrator_skill
- Python
5
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill williamzujkowski/cognitive-toolworks --skill security-assessment-orchestrator- SKILL.md23.1 KB
Overview
This skill orchestrates comprehensive security assessments across application, cloud, container, IAM, network, OS, supply chain, and zero trust domains, aligned to NIST CSF 2.0. It produces prioritized, actionable remediation roadmaps, correlated attack paths, and a NIST CSF coverage and maturity report. Designed for pre-production reviews, compliance prep, post-incident analysis, and executive reporting.
How this skill works
The orchestrator maps the requested scope to domain-specific validator skills and invokes them at a chosen depth (quick, standard, comprehensive). It aggregates and deduplicates findings, correlates cross-domain issues into attack paths, scores risk using CVSS 4.0 plus business context modifiers, and generates a JSON report with executive summary, findings, attack paths, NIST CSF coverage, maturity assessment, and a prioritized remediation roadmap. Tiers scale from a fast critical-only scan to enterprise governance and continuous monitoring recommendations.
When to use it
- Before production releases or major deployments for a full-stack security review
- Preparing for compliance audits (NIST CSF 2.0, ISO 27001, SOC 2, FedRAMP)
- After a security incident to identify root causes and chained attack paths
- Quarterly or periodic posture reviews to measure maturity and track remediation progress
- M&A or third-party due diligence requiring unified security metrics and coverage
Best practices
- Provide read access and API/CLI credentials for target environments; confirm permissions before running
- Choose depth appropriate to risk: quick-scan for triage, comprehensive for compliance or production assets
- Supply accurate business context (internet-facing, business criticality, data sensitivity) so risk scoring uses correct multipliers
- Use the orchestrator for cross-domain correlation; for single-domain checks, call the dedicated validator skill directly
- Review assigned ownership and effort estimates and convert the roadmap phases into ticketed remediation work
Example use cases
- Rapid critical-only scan before a production launch to identify top 3 urgent fixes
- Full-stack comprehensive assessment for SOC 2 or ISO 27001 readiness with NIST CSF 2.0 mapping
- Post-breach analysis that correlates IAM, cloud, and app findings into an attack path and remediation plan
- Quarterly enterprise review producing board-level metrics, Cyber Risk Quantification, and continuous monitoring blueprint
- M&A due diligence delivering a prioritized security remediation list and maturity benchmark
FAQ
Assessment scope, target environment, compliance requirement, depth level, and minimal business context (internet-facing, criticality). Read access and provider credentials are required for in-scope assets.
When will the orchestrator abort the assessment?
It will abort if required access is missing, fewer than three relevant domain skills apply, or compliance requirements are contradictory; in each case it emits an access or conflict checklist.
How are findings prioritized?
Severity-first (CVSS ≥9.0 top), then ROI within the same severity, with compliance-mapped findings and internet-facing production assets elevated per decision rules.
What outputs are produced?
A JSON report containing executive_summary, findings_by_domain, nist_csf_coverage, security_maturity_assessment, attack_paths, and a prioritized_roadmap.