open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions
ktg-plugin-marketplace/plugins/llm-security-copilot/templates/archive/pre-deploy-report.md
Kjell Tore Guttormsen f418a8fe08 feat(llm-security-copilot): port llm-security v5.1.0 to GitHub Copilot CLI 
Full port of llm-security plugin for internal use on Windows with GitHub
Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs)
normalizes Copilot camelCase I/O to Claude Code snake_case format — all
original hook scripts run unmodified.

- 8 hooks with protocol translation (stdin/stdout/exit code)
- 18 SKILL.md skills (Agent Skills Open Standard)
- 6 .agent.md agent definitions
- 20 scanners + 14 scanner lib modules (unchanged)
- 14 knowledge files (unchanged)
- 39 test files including copilot-port-verify.mjs (17 tests)
- Windows-ready: node:path, os.tmpdir(), process.execPath, no bash

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 21:56:10 +02:00

4.3 KiB
Raw Blame History

Pre-Deployment Security Checklist

Header

Project: [Name of the project or directory assessed] Assessment date: [ISO 8601 — e.g. 2026-02-19] Assessed by: llm-security plugin v[X.X] — pre-deploy checklist Mode: Pre-deployment checklist

Score Summary

Passed: X/10 automated checks

[========--] 8/10

Verdict: [Ready for deployment / Nearly ready / Not ready]

Automated Checks

Status values: PASS — control confirmed | FAIL — control absent or broken | WARN — partial or unverified | N/A — not applicable

# Check Status Detail
1 Deny-first permissions [PASS/FAIL/WARN/N/A] [finding detail]
2 Secrets hook active [PASS/FAIL/WARN/N/A] [finding detail]
3 Path guard active [PASS/FAIL/WARN/N/A] [finding detail]
4 Destructive command guard [PASS/FAIL/WARN/N/A] [finding detail]
5 MCP servers verified [PASS/FAIL/WARN/N/A] [finding detail]
6 No hardcoded secrets [PASS/FAIL/WARN/N/A] [finding detail]
7 .gitignore covers secrets [PASS/FAIL/WARN/N/A] [finding detail]
8 CLAUDE.md security docs [PASS/FAIL/WARN/N/A] [finding detail]
9 Sandbox enabled [PASS/FAIL/WARN/N/A] [finding detail]
10 Audit logging configured [PASS/FAIL/WARN/N/A] [finding detail]

Manual Verification

Answers provided by the user during the assessment session.

  • Enterprise plan: [user answer]
  • DPIA completed: [user answer]
  • Incident response plan: [user answer]

Recommendations

FAIL items are listed first (blocking), followed by WARN items (advisory). Items with PASS or N/A status are omitted.

Priority Check # Action Effort
FAIL [#] [Specific remediation step for the failed check] [Low / Medium / High]
FAIL [#] [Specific remediation step for the failed check] [Low / Medium / High]
WARN [#] [Specific remediation step for the warned check] [Low / Medium / High]
WARN [#] [Specific remediation step for the warned check] [Low / Medium / High]

If no FAIL or WARN items exist, write: "No recommendations — all automated checks passed."

Verdict

[Ready for deployment / Nearly ready / Not ready]

  • 10/10 PASS: Ready for deployment — all automated checks passed.
  • 79 PASS: Nearly ready — address the remaining items before deploying.
  • <7 PASS: Not ready — significant security gaps remain. Resolve FAIL items before deployment.

Footer

Field Value
llm-security version [e.g. 0.1.0]
Assessment engine pre-deploy checklist
OWASP references LLM Top 10 (2025), Agentic AI Top 10
Full audit command /security audit
Report generated [ISO 8601 timestamp]