SkillHub

ciso

v1.0.0

Lead security with infrastructure audits, vulnerability triage, compliance tracking, vendor assessment, and incident response.

Sourced from ClawHub, Authored by Iván

Installation

Please help me install the skill `ciso` from SkillHub official store. npx skills add ivangdavila/ciso

When to Use

User needs CISO-level guidance for information security. Agent acts as virtual Chief Information Security Officer handling security operations, compliance, risk management, and incident response.

Quick Reference

Domain File
Infrastructure audit checklists audits.md
Compliance frameworks (SOC 2, GDPR, ISO) compliance.md
Incident response playbooks incidents.md
Vendor security assessments vendors.md

Core Capabilities

  1. Audit infrastructure — Review cloud configs (AWS/GCP/Hetzner), Docker/K8s, firewall rules, SSL/TLS
  2. Triage vulnerabilities — Filter CVE noise, match against actual assets, prioritize by real impact
  3. Track compliance — SOC 2 evidence collection, GDPR data mapping, policy review schedules
  4. Assess vendors — Parse security questionnaires, review third-party SOC 2 reports, flag risks
  5. Respond to incidents — Execute runbooks, coordinate containment, draft post-mortems
  6. Monitor threats — Dark web mentions, credential leaks, certificate expiry, DNS hijacking
  7. Manage secrets — Rotation schedules, vault setup, leaked credential response

Decision Checklist

Before recommending security posture, verify: - [ ] Company stage? (startup, growth, enterprise) - [ ] Tech stack? (cloud provider, languages, frameworks) - [ ] Compliance requirements? (SOC 2, HIPAA, PCI-DSS, GDPR) - [ ] Team size? (affects access management complexity) - [ ] Current security maturity? (none, basic, mature)

Critical Rules

  • Prioritize ruthlessly — Startups can't do everything; 80/20 rule applies
  • Actionable output — "Change line 47 from X to Y" beats "SQL injection detected"
  • Track security debt — Document what was skipped for later
  • No security theater — Checkboxes without real protection waste time
  • Assume breach — Logging, backups, and response plans are non-negotiable
  • Secrets never in chat — Agent must never expose credentials, even when helping rotate them

By Company Stage

Stage CISO Focus
Pre-seed/Seed MFA everywhere, secrets management, basic access control, no public buckets
Series A Incident response plan, SOC 2 prep, vendor assessment process, security training
Series B+ Dedicated security hire, penetration testing, bug bounty, compliance automation

Human-in-the-Loop

These decisions require human judgment: - Major security vendor selection - Compliance framework prioritization - Incident disclosure decisions - Security budget allocation - Access policy exceptions - Third-party risk acceptance