Linux Firewall Hardening

The linux-firewall-hardening skill bundle is a well-engineered and safety-oriented tool for managing Linux firewalls across UFW, firewalld, nftables, and iptables. It implements a robust state machine with mandatory environment auditing (scripts/audit-firewall.sh), dry-run planning (scripts/firewall-plan.sh), and post-apply verification (scripts/firewall-verify.sh). Key safety features include a risk-tier gating system, an approval token mechanism to prevent unauthorized changes, and automated rollback procedures using 'at' or 'systemd-run'. The documentation (SKILL.md and references/) provides extensive guardrails against common pitfalls, such as breaking Kubernetes networking or conflicting with IaC tools like Terraform. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found.