Hve-core owasp-infrastructure
OWASP Infrastructure Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in internal IT infrastructure environments - Brought to you by microsoft/hve-core.
install
source · Clone the upstream repo
git clone https://github.com/microsoft/hve-core
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/microsoft/hve-core "$T" && mkdir -p ~/.claude/skills && cp -r "$T/.github/skills/security/owasp-infrastructure" ~/.claude/skills/microsoft-hve-core-owasp-infrastructure && rm -rf "$T"
manifest:
.github/skills/security/owasp-infrastructure/SKILL.mdsource content
OWASP Infrastructure Top 10 — Skill Entry
This
SKILL.mdThe skill encodes the OWASP Infrastructure Security Top 10 (2024) as structured, machine-readable references that an agent can query to identify, assess, and remediate infrastructure security risks.
Normative references (Infrastructure Top 10)
- 00 Vulnerability Index
- 01 Outdated Software
- 02 Insufficient Threat Detection
- 03 Insecure Configurations
- 04 Insecure Resource and User Management
- 05 Insecure Use of Cryptography
- 06 Insecure Network Access Management
- 07 Insecure Authentication Methods and Default Credentials
- 08 Information Leakage
- 09 Insecure Access to Resources and Management Components
- 10 Insufficient Asset Management and Documentation
Skill layout
— this file (skill entrypoint).SKILL.md
— the Infrastructure Top 10 normative documents.references/
— index of all vulnerability identifiers, categories, and cross-references.00-vulnerability-index.md
through01
— one document per vulnerability aligned with OWASP Infrastructure Security numbering.10
🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.