ReddRadar
Agent skill
multi-cloud-security-posture
Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
Install this agent skill to your Project
npx add-skill https://github.com/a5c-ai/babysitter/tree/main/library/specializations/security-compliance/skills/multi-cloud-security-posture
SKILL.md
Multi-Cloud Security Posture Skill
Purpose
Unified cloud security posture management (CSPM) across AWS, Azure, and GCP to aggregate findings, normalize security metrics, compare against CIS benchmarks, and provide a consolidated view of multi-cloud security.
Capabilities
Cross-Cloud Finding Aggregation
- Collect findings from AWS, Azure, and GCP
- Aggregate results from cloud-native security tools
- Import findings from third-party CSPM tools
- Deduplicate findings across environments
- Correlate related issues across clouds
Metric Normalization
- Standardize severity ratings across clouds
- Normalize finding categories
- Create unified compliance metrics
- Calculate aggregate risk scores
- Generate comparable security ratings
CIS Benchmark Comparison
- Apply CIS benchmarks across all clouds
- Compare security posture against benchmarks
- Track benchmark compliance over time
- Identify benchmark drift
- Generate benchmark compliance reports
Remediation Status Tracking
- Track remediation across all clouds
- Monitor fix verification status
- Calculate mean time to remediate (MTTR)
- Generate remediation progress reports
- Prioritize cross-cloud remediation efforts
Unified Reporting
- Generate executive dashboards
- Create technical detail reports
- Produce compliance comparison matrices
- Build trend analysis reports
- Export data for external tools
Drift Detection and Alerting
- Monitor configuration drift
- Alert on security posture degradation
- Detect new non-compliant resources
- Track policy violations
- Send real-time notifications
Normalized Categories
| Category | AWS | Azure | GCP |
|---|---|---|---|
| Identity | IAM | Azure AD | Cloud IAM |
| Compute | EC2, Lambda | VMs, Functions | Compute, Functions |
| Storage | S3, EBS | Storage Accounts | Cloud Storage |
| Network | VPC, SGs | VNet, NSGs | VPC, Firewall |
| Database | RDS, DynamoDB | SQL, Cosmos | Cloud SQL, Spanner |
| Encryption | KMS | Key Vault | Cloud KMS |
| Logging | CloudTrail | Activity Log | Audit Logs |
Compliance Frameworks
- CIS Benchmarks (AWS, Azure, GCP)
- SOC 2 Type II
- PCI DSS v4.0
- HIPAA Security Rule
- ISO 27001
- NIST 800-53
- FedRAMP
Integrations
- Cloud Provider APIs: AWS, Azure, GCP native tools
- Wiz: Cloud security platform
- Orca Security: Agentless cloud security
- Prisma Cloud: Multi-cloud CSPM
- Lacework: Cloud security and compliance
- Cloud Custodian: Cloud governance as code
Target Processes
- Cloud Security Architecture Review
- Continuous Compliance Monitoring
- Multi-Cloud Governance
- Security Posture Reporting
Input Schema
{
"type": "object",
"properties": {
"cloudProviders": {
"type": "array",
"items": {
"type": "string",
"enum": ["AWS", "Azure", "GCP"]
},
"description": "Cloud providers to include"
},
"awsAccounts": {
"type": "array",
"items": { "type": "string" }
},
"azureSubscriptions": {
"type": "array",
"items": { "type": "string" }
},
"gcpProjects": {
"type": "array",
"items": { "type": "string" }
},
"complianceFrameworks": {
"type": "array",
"items": {
"type": "string",
"enum": ["CIS", "SOC2", "PCI-DSS", "HIPAA", "ISO27001", "NIST", "FedRAMP"]
}
},
"reportingPeriod": {
"type": "object",
"properties": {
"startDate": { "type": "string", "format": "date" },
"endDate": { "type": "string", "format": "date" }
}
},
"severityThreshold": {
"type": "string",
"enum": ["critical", "high", "medium", "low"]
},
"includeRemediationStatus": {
"type": "boolean"
}
},
"required": ["cloudProviders"]
}
Output Schema
{
"type": "object",
"properties": {
"reportId": {
"type": "string"
},
"reportTimestamp": {
"type": "string",
"format": "date-time"
},
"cloudsCovered": {
"type": "array"
},
"overallPosture": {
"type": "object",
"properties": {
"aggregateScore": { "type": "number" },
"riskLevel": { "type": "string" },
"trend": { "type": "string", "enum": ["improving", "stable", "degrading"] }
}
},
"postureByCloud": {
"type": "object",
"properties": {
"AWS": {
"type": "object",
"properties": {
"score": { "type": "number" },
"findings": { "type": "integer" },
"criticalFindings": { "type": "integer" }
}
},
"Azure": { "type": "object" },
"GCP": { "type": "object" }
}
},
"findingsByCategory": {
"type": "object",
"properties": {
"identity": { "type": "integer" },
"compute": { "type": "integer" },
"storage": { "type": "integer" },
"network": { "type": "integer" },
"encryption": { "type": "integer" },
"logging": { "type": "integer" }
}
},
"complianceStatus": {
"type": "object"
},
"topFindings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"cloud": { "type": "string" },
"category": { "type": "string" },
"severity": { "type": "string" },
"count": { "type": "integer" },
"description": { "type": "string" }
}
}
},
"remediationProgress": {
"type": "object",
"properties": {
"totalFindings": { "type": "integer" },
"remediated": { "type": "integer" },
"inProgress": { "type": "integer" },
"pending": { "type": "integer" },
"mttr": { "type": "string" }
}
},
"recommendations": {
"type": "array",
"items": { "type": "string" }
}
}
}
Usage Example
skill: {
name: 'multi-cloud-security-posture',
context: {
cloudProviders: ['AWS', 'Azure', 'GCP'],
awsAccounts: ['123456789012'],
azureSubscriptions: ['sub-id-1'],
gcpProjects: ['my-project'],
complianceFrameworks: ['CIS', 'SOC2'],
includeRemediationStatus: true
}
}
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
a5c-ai/babysitter
gsd-tools
Central utility skill for GSD operations. Provides config parsing, slug generation, timestamps, path operations, and orchestrates calls to other specialized skills. Acts as the unified entry point that the original gsd-tools.cjs provided via its lib/ modules (commands, config, core, init).
a5c-ai/babysitter
model-profile-resolution
Resolve model profile (quality/balanced/budget) at orchestration start and map agents to specific models. Enables cost/quality tradeoffs by selecting appropriate AI models for each agent role.
a5c-ai/babysitter
verification-suite
Plan structure validation, phase completeness checks, reference integrity verification, and artifact existence confirmation. Provides the structured verification layer ensuring GSD artifacts are well-formed and complete.
a5c-ai/babysitter
state-management
STATE.md reading, writing, and field-level updates. Provides cross-session state persistence via .planning/STATE.md with structured fields for current task, completed phases, blockers, decisions, and quick tasks.
a5c-ai/babysitter
git-integration
Git commit patterns, formats, and conventions for GSD methodology. Provides atomic commits per task, structured commit messages, planning file commits, branch management, and milestone tag operations.
a5c-ai/babysitter
frontmatter-parsing
YAML frontmatter parsing and manipulation for .planning/ documents. Provides read, write, update, query, and validation operations on frontmatter blocks in GSD markdown artifacts.
Didn't find tool you were looking for?