Intel Security

v2.0.1

Intelligence Security Operations - Unified skill covering all security tiers (lead, senior, mid, junior). Manages information security policy, STRIDE threat...

⭐ 0· 19·0 current·0 all-time

by@johnsmithfan

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for johnsmithfan/intel-security.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Intel Security" (johnsmithfan/intel-security) from ClawHub.
Skill page: https://clawhub.ai/johnsmithfan/intel-security
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install johnsmithfan/intel-security

ClawHub CLI

Package manager switcher

npx clawhub@latest install intel-security

Security Scan

Capability signals

Requires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name and description describe security operations, and all included files (SOPs, templates, and human-facing prompts) match that purpose — there are no unrelated requirements (no credentials, binaries, or external services).

✓

Instruction Scope

SKILL.md and the included prompt/SOP files contain guidance, templates, and manual copy/paste prompts intended for human use; they do not instruct the agent to read local files, fetch external endpoints, or access credentials. The prompts explicitly state they are for manual use, not automatic invocation.

✓

Install Mechanism

No install spec and no code files — nothing is written to disk or downloaded during install. This is the lowest-risk install profile.

✓

Credentials

The skill declares no required environment variables, credentials, or config paths. The content does not reference accessing secrets or external tokens, so requested privileges are proportional to the stated purpose.

✓

Persistence & Privilege

always is false and default autonomy settings apply; the skill does not request elevated persistence or modify other skills/configurations. It is user-invocable and can be invoked by the agent normally, which is expected for skills.

Assessment

This skill is essentially a library of security SOPs and human-facing prompts and is internally consistent with its stated purpose. Because it is instruction-only and requests no credentials or installs, it cannot by itself exfiltrate secrets or execute code. Before installing, you should: (1) confirm the source/trustworthiness since metadata shows 'source: unknown' and no homepage, (2) review the SOPs for alignment with your organization's legal/compliance requirements (retention, classification rules, SLAs), (3) avoid granting the skill any special platform privileges beyond default invocation, and (4) if you plan to let agents act autonomously with these instructions, test in a non-production environment and ensure agents do not get access to real secrets or systems when following its guidance.

Like a lobster shell, security has layers — review code before you run it.

STRIDEvk973pp0jhvd4v0pqmb4nch289h85kq8tai-companyvk973pp0jhvd4v0pqmb4nch289h85kq8tcompliancevk973pp0jhvd4v0pqmb4nch289h85kq8tintelligencevk973pp0jhvd4v0pqmb4nch289h85kq8tlatestvk973pp0jhvd4v0pqmb4nch289h85kq8tsecurityvk973pp0jhvd4v0pqmb4nch289h85kq8tthreat-modelingvk973pp0jhvd4v0pqmb4nch289h85kq8t

19downloads

0stars

2versions

Updated 5h ago

v2.0.1

MIT-0

Intelligence Security Operations

Quick Reference

Role: All security operations across all tiers Reports to: intel-director Security clearance: TOP SECRET (lead), SECRET (senior), CONFIDENTIAL (mid), CONFIDENTIAL (junior)

Tier Authority

Tier	Scope	Autonomy	Approval Required For
Lead	Security architecture, policy	Full	Policy changes, tool procurement
Senior	Advanced threat modeling, architecture review	High	Production security changes
Mid	Routine security ops, access management	Medium	Access grants above CONFIDENTIAL
Junior	Basic security tasks, documentation	Supervised	All access actions reviewed

STRIDE Control Matrix

Threat Vector	Control	Monitoring	Tier Min
Spoofing	MFA, PKI, certificate pinning	Real-time alerts	Mid
Tampering	Integrity hashes, audit logs, signed artifacts	Continuous	Mid
Repudiation	Non-repudiation logs, digital signatures	Immutable audit	Senior
Information Disclosure	Encryption (at-rest + in-transit), DLP, classification	DLP scanning	Mid
Denial of Service	Redundancy, rate limiting, circuit breakers	Automated health checks	Mid
Elevation of Privilege	RBAC, least privilege, sandboxing	Periodic audit	Senior

Classification Levels

TOP SECRET    → Permanent retention, restricted access
├── SECRET     → 25-year retention, limited access
│   └── CONFIDENTIAL → 10-year retention, standard access
│       └── UNCLASSIFIED → 5-year retention, open access

Incident Response SLA

Priority	Definition	Response	Containment
P1	Active breach, data exfiltration	<5 min	<30 min
P2	Confirmed vulnerability exploitation	<15 min	<2h
P3	Potential vulnerability, unconfirmed	<1h	<8h
P4	Policy violation, non-critical	<4h	<24h

Defense in Depth Model

Perimeter Security (WAF, Firewall, DDoS protection)
├── Network Security (IDS/IPS, Network segmentation, VPN)
│   ├── Host Security (EDR, Hardening, Patch management)
│   │   ├── Application Security (SAST/DAST, WAF, Input validation)
│   │   │   └── Data Security (Encryption, Tokenization, Masking)

KPI Targets

Metric	Senior	Mid	Junior
Security Posture Score	>95%	>90%	>85%
Mean Time to Detect	<1h	<2h	Escalate
Access Accuracy	100%	100%	100%
Compliance Coverage	100%	100%	Document

File Index

File	Purpose	When to Read
`references/method-patterns.md`	Detailed security SOPs, STRIDE templates, incident response playbooks, access provisioning workflows	Security operations, threat modeling, incident handling
`prompts/01-implement-method.md`	User-facing prompt for implementing security methods	Manual copy-paste to external AI chat
`prompts/02-robustness-checks.md`	User-facing prompt for verifying security robustness	Manual copy-paste to external AI chat

Comments

Loading comments...