f418a8fe08
Full port of llm-security plugin for internal use on Windows with GitHub Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs) normalizes Copilot camelCase I/O to Claude Code snake_case format — all original hook scripts run unmodified. - 8 hooks with protocol translation (stdin/stdout/exit code) - 18 SKILL.md skills (Agent Skills Open Standard) - 6 .agent.md agent definitions - 20 scanners + 14 scanner lib modules (unchanged) - 14 knowledge files (unchanged) - 39 test files including copilot-port-verify.mjs (17 tests) - Windows-ready: node:path, os.tmpdir(), process.execPath, no bash Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
36 lines
1 KiB
Markdown
36 lines
1 KiB
Markdown
---
|
|
name: security-harden
|
|
description: Generate Grade A security configuration — settings, instructions, .gitignore additions
|
|
---
|
|
|
|
# Security Harden
|
|
|
|
Generate reference security configuration based on current posture gaps.
|
|
|
|
## Step 1: Generate Recommendations
|
|
|
|
```bash
|
|
node <plugin-root>/scanners/reference-config-generator.mjs $ARGUMENTS
|
|
```
|
|
|
|
If `$ARGUMENTS` is empty, scan current working directory. Parse JSON output: `projectType`, `posture`, `recommendations[]`, `summary`.
|
|
|
|
## Step 2: Present Recommendations
|
|
|
|
Show table of recommended changes with: file, change description, current state, recommended state.
|
|
|
|
## Step 3: Apply (if confirmed)
|
|
|
|
If user confirms (or `--apply` flag is set):
|
|
```bash
|
|
node <plugin-root>/scanners/reference-config-generator.mjs $ARGUMENTS --apply
|
|
```
|
|
|
|
## Step 4: Verify
|
|
|
|
Re-run posture scanner to verify grade improvement:
|
|
```bash
|
|
node <plugin-root>/scanners/posture-scanner.mjs $ARGUMENTS
|
|
```
|
|
|
|
Report: Grade before → Grade after. If still below A, explain remaining gaps that require manual configuration (hooks, custom settings).
|