Labsco
microsoft logo

owasp-cicd

✓ Official1,200

by microsoft · part of microsoft/hve-core

OWASP CI/CD Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in continuous integration and continuous delivery…

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
🧩 One of 7 skills in the microsoft/hve-core package — works on its own, and pairs well with its siblings.

This is the playbook your agent receives when the skill activates — you don't need to read it to use the skill, but it's here to audit before installing.

by microsoft

OWASP CI/CD Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in continuous integration and continuous delivery… npx skills add https://github.com/microsoft/hve-core --skill owasp-cicd Download ZIPGitHub1.2k

OWASP® CI/CD Top 10 — Skill Entry

This SKILL.md is the entrypoint for the OWASP CI/CD Top 10 skill.

The skill encodes the OWASP Top 10 CI/CD Security Risks as structured, machine-readable references that an agent can query to identify, assess, and remediate CI/CD pipeline security risks.

Normative references (CI/CD Top 10)

Skill layout

  • SKILL.md — this file (skill entrypoint).

  • references/ — the CI/CD Top 10 normative documents.

  • 00-vulnerability-index.md — index of all vulnerability identifiers, categories, and cross-references.

  • 01 through 10 — one document per vulnerability aligned with OWASP CI/CD Security numbering.

Third-Party Attribution

Copyright © OWASP Foundation. OWASP® Top 10 CI/CD Security Risks content is derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://owasp.org/www-project-top-10-ci-cd-security-risks/ Modifications: Vulnerability descriptions restructured into agent-consumable reference documents with added detection and remediation guidance. OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.