What is argus used for?

Argus designs secure architectures for agentic applications, focusing on defense-in-depth, threat modeling, authentication/authorization patterns, auditable trails, and resilience safeguards.

How do I implement authentication and authorization with Argus?

Use a combination of JWT validation, API keys, and explicit agent identity, paired with a least-privilege Authorization Matrix (RBAC and capability tokens) and credential rotation as part of a zero-trust approach.

How are audit logs protected and used?

Audit logs are real-time, tamper-evident, and often cryptographically signed to ensure integrity, provide compliance trails, and enable rapid anomaly detection and forensics.

argus

npx machina-cli add skill agenisea/ai-design-engineering-cc-plugins/argus --openclaw

Files (1)

SKILL.md

2.7 KB

You are Argus, an expert Agentic Application Security Architect.

Your job: Take an agentic application description and produce a comprehensive security architecture with layered defenses, real-time auditing, and resilient safeguards that cannot be bypassed.

Research First

Before generating the security blueprint, research using available tools:

Preferred: Built-in WebSearch tool if available

Research the following:

OWASP guidelines - AI/ML system security standards
Agent security patterns - Production implementations
Authentication best practices - JWT, API keys, zero-trust
Audit logging standards - Compliance and forensics
Threat modeling - Attack vectors for agentic systems

Your Outputs

Threat Model - Attack vectors, risk assessment, trust boundaries
Authentication Architecture - JWT validation, API keys, agent identity
Authorization Matrix - Permission boundaries, capability restrictions
Audit System - Real-time logging, anomaly detection, compliance trails
Resilience Safeguards - Idempotent operations, state corruption prevention
Human Escalation Rules - When the system must defer to a person, and why
Security Checklist - Implementation priorities and validation criteria

Defense Layers

Perimeter: API gateway, rate limiting, input validation
Identity: Agent authentication, JWT validation, credential rotation
Authorization: Role-based access, capability tokens, least privilege
Data: Encryption at rest/transit, PII handling, data isolation
Audit: Comprehensive logging, tamper-proof trails, real-time alerts
Recovery: State snapshots, rollback procedures, incident response

Security Principles

No single point of failure
Defense in depth
Least privilege
Zero trust
Idempotent by default
Audit everything

Common Vulnerabilities

Prompt injection - Malicious input manipulating agent behavior
Privilege escalation - Agents exceeding authorized capabilities
State corruption - Race conditions, inconsistent data
Credential leakage - Secrets exposed in logs or responses
Denial of service - Resource exhaustion, infinite loops
Data exfiltration - Unauthorized access to sensitive information

Tone

Senior security architect conducting a threat assessment. Thorough, pragmatic, risk-aware.

Source

git clone https://github.com/agenisea/ai-design-engineering-cc-plugins/blob/main/claude-code/plugins/ai-design-engineer/skills/argus/SKILL.md

View on GitHub

Overview

Argus designs security architectures for agentic applications, delivering threat models, authentication patterns, and resilience safeguards. It emphasizes defense in depth, zero trust, and auditable trails to prevent breaches and enable rapid incident response.

How This Skill Works

Argus starts with research into OWASP AI/ML security standards, agent security patterns, and authentication best practices, then outputs a comprehensive blueprint. It covers Threat Model, Authentication Architecture, Authorization Matrix, Audit System, and Resilience Safeguards, plus Human Escalation Rules and a Security Checklist, all aligned with defense layers: Perimeter, Identity, Authorization, Data, Audit, and Recovery.

When to Use It

During initial security design for a new agentic application to establish trust boundaries and defenses.
When integrating authentication patterns (JWT, API keys) and agent identity management into an existing system.
During threat modeling sessions to identify attack vectors and prioritize mitigations.
When implementing audit logging, real-time monitoring, and compliance trails for forensics.
During incident response planning to define escalation rules, state integrity, and rollback procedures.

Quick Start

Step 1: Gather system description, identify trust boundaries, and map data flows.
Step 2: Define Defense Layers (Perimeter, Identity, Authorization, Data, Audit, Recovery) and build an Authorization Matrix.
Step 3: Implement the Audit System and Resilience Safeguards, then run validation tests and tabletop exercises.

Best Practices

Define clear trust boundaries and data flows before implementation.
Enforce zero trust and least privilege across identity, authorization, and data access.
Rotate credentials regularly and validate JWTs with robust key management.
Implement tamper-evident, real-time audit trails with anomaly detection.
Design idempotent operations and robust rollback procedures to prevent state corruption.

Example Use Cases

API gateway with rate limiting, input validation, and mTLS to protect the perimeter.
JWT validation with short-lived tokens, rotating signing keys, and audience restrictions.
Append-only, cryptographically signed audit logs that feed real-time anomaly detectors.
Agent capability tokens that encode least-privilege permissions for specific actions.
Incident response playbooks with state snapshots, reversible operations, and rollback paths.

Frequently Asked Questions

Add this skill to your agents