name: owasp-cicd description: OWASP CI/CD Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in continuous integration and continuous delivery environments - Brought to you by microsoft/hve-core. license: CC-BY-SA-4.0 user-invocable: false metadata: authors: "OWASP CI/CD Security Project" spec_version: "1.0" framework_revision: "1.0.0" last_updated: "2026-02-16" skill_based_on: "https://github.com/chris-buckley/agnostic-prompt-standard" content_based_on: "https://owasp.org/www-project-top-10-ci-cd-security-risks/"

OWASP® CI/CD Top 10 — Skill Entry

This SKILL.md is the entrypoint for the OWASP CI/CD Top 10 skill.

The skill encodes the OWASP Top 10 CI/CD Security Risks as structured, machine-readable references that an agent can query to identify, assess, and remediate CI/CD pipeline security risks.

Normative references (CI/CD Top 10)

Skill layout

SKILL.md — this file (skill entrypoint).
references/ — the CI/CD Top 10 normative documents.
- 00-vulnerability-index.md — index of all vulnerability identifiers, categories, and cross-references.
- 01 through 10 — one document per vulnerability aligned with OWASP CI/CD Security numbering.

Third-Party Attribution

Copyright © OWASP Foundation. OWASP® Top 10 CI/CD Security Risks content is derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://owasp.org/www-project-top-10-ci-cd-security-risks/ Modifications: Vulnerability descriptions restructured into agent-consumable reference documents with added detection and remediation guidance. OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.

🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.

ナビゲーション

Skillsとは？

リンク

owasp-cicd

OWASP® CI/CD Top 10 — Skill Entry

Normative references (CI/CD Top 10)

Skill layout

Third-Party Attribution

関連スキル(📊 データ・分析)