Skip to main content
ClaudeWave
Skill209 repo starsupdated today

server-security

服务器安全审计与加固。扫描 SSH、防火墙、端口暴露、文件权限、暴力破解等安全问题,生成报告并提供一键修复。当用户说服务器安全、安全审计、安全检查、安全加固时使用

View sourceRepository: spellbook
Install in Claude Code
Copy
git clone --depth 1 https://github.com/majiayu000/spellbook /tmp/server-security && cp -r /tmp/server-security/skills/server-security ~/.claude/skills/server-security
Then start a new Claude Code session; the skill loads automatically.
Definition

SKILL.md

# Server Security Audit

Use this skill for server security audits and reversible hardening plans across SSH, firewall, users, services, file permissions, and update posture.

## Routing

- Start here to confirm scope, safety boundaries, and the minimum workflow.
- Load `references/full-guide.md` before executing detailed commands, applying templates, or relying on examples from this skill.
- Keep the work limited to the user-requested target; do not add adjacent improvements unless the user asks.

## Quick Workflow

1. Confirm the target, available context, constraints, and done-when signal.
2. Read the relevant section of `references/full-guide.md` for task-specific details.
3. Execute the smallest reversible action that satisfies the request.
4. Verify with read-only evidence first, then document every applied change with rollback commands and post-change validation.
5. Report changed files, commands run, evidence collected, and any remaining risk.

## References

- `references/full-guide.md` - complete command patterns, examples, checklists, and edge cases.
More from this repository
backend-typescript-architectSubagent

Senior backend TypeScript architect specializing in Bun/Node.js runtime, API design, database optimization, and scalable server architecture.

code-archaeologistSubagent

Expert at exploring and understanding legacy and unfamiliar codebases. Maps dependencies, identifies patterns, and creates documentation for complex systems.

kubernetes-specialistSubagent

Kubernetes architect specializing in cluster design, manifests, Helm charts, GitOps workflows, security policies, and production operations.

opensource-contributorSubagent

Systematic open source contributor that analyzes projects, finds suitable issues, implements fixes, and creates high-quality PRs with high acceptance probability.

security-auditorSubagent

Application security expert specializing in SAST, vulnerability assessment, OWASP Top 10, compliance auditing, and security architecture review.

senior-code-reviewerSubagent

Fullstack code reviewer with 15+ years experience analyzing code for security vulnerabilities, performance bottlenecks, architectural decisions, and best practices.

tech-lead-orchestratorSubagent

Senior technical lead who analyzes complex projects and coordinates multi-step development tasks. Delegates to specialized agents and ensures quality delivery.

push-allSkill

Use when the user explicitly asks to stage all current changes, create a commit, and push to the remote after safety checks.