A role that coordinates security operations (audits, DevSecOps, incident response) and ensures compliance, reporting to QAL. It does not perform tasks directly; associated skills execute the work.

How does SecOps interact with other skills?

SecOps delegates work to its associated skills (e.g., doc-coauthoring, xlsx, internal-comms, vulnerability analysis). It provides governance, plans, and oversight.

When should I use SecOps?

Use SecOps for security audits, DevSecOps in CI/CD, penetration testing, security compliance, incident response, code security scanning, and threat modeling as listed in its guidance.

Secops

npx machina-cli add skill javalenciacai/develop-skills/secops --openclaw

Files (1)

SKILL.md

2.7 KB

SecOps - Security Operations

Role

Ensures system security. Reports to QAL.

Responsibilities

Security auditing and vulnerability analysis
DevSecOps and security integration in CI/CD
Penetration testing and risk assessment
Security compliance and regulations
Security incident management
Critical Restriction: This skill is only a role and must always use one of its associated skills. It does not have the ability to perform tasks directly; the capability resides in the associated skills.

Base Skills

# Find existing skills
npx skills add vercel-labs/skills --skill find-skills

# Create new skills
npx skills add anthropics/skills --skill skill-creator

Current Skills

Base Skills (All SecOps Engineers)

Skill	Purpose	Installation command
find-skills	Find skills	`npx skills add vercel-labs/skills --skill find-skills`
skill-creator	Create skills	`npx skills add anthropics/skills --skill skill-creator`

Security and Documentation Skills 🔴 High Priority

Skill	Purpose	Installation command
doc-coauthoring	Security policies, audit reports, vulnerability assessments, incident reports	`npx skills add anthropics/skills --skill doc-coauthoring`
xlsx	Vulnerability tracking, security metrics, compliance checklists, risk matrices	`npx skills add anthropics/skills --skill xlsx`

Communication and Reporting Skills 🟡 Medium Priority

Skill	Purpose	Installation command
internal-comms	Security incident communications, audit findings, compliance updates	`npx skills add anthropics/skills --skill internal-comms`
technical-blog-writing	Security best practices, DevSecOps guidelines, security awareness content	`npx skills add 1nference-sh/skills --skill technical-blog-writing`

Rule: Add Used Skills

Every time you use a new skill, add it to the "Current Skills" table.

Examples of skills to search for:

npx skills find security
npx skills find devsecops
npx skills find vulnerability

Source

git clone https://github.com/javalenciacai/develop-skills/blob/main/.agents/skills/secops/SKILL.mdView on GitHub

Overview

SecOps oversees security operations, including audits, DevSecOps integration, vulnerability analysis, incident response, and compliance. It acts as a coordination role that ensures security across CI/CD and policy work, reporting to QAL. It does not execute tasks directly; associated skills perform the actual work.

How This Skill Works

As a role, SecOps orchestrates security activities by delegating tasks to its associated skills (e.g., doc-coauthoring for policy reports, xlsx for risk tracking, internal-comms for updates, and technical-blog-writing for awareness). It handles planning, scope, and governance, while the concrete work is carried out by the underlying skills.

When to Use It

Security audits or vulnerability assessments
DevSecOps implementation or security in CI/CD
Penetration testing or security testing
Security policies, compliance or GDPR/SOC2
Incident response or security monitoring
Code security scanning or dependency audits
Threat modeling or risk assessment

Quick Start

Step 1: Identify the security objective and select appropriate associated skills for the task.
Step 2: Coordinate the activity (audit, CI/CD security, incident response) using SecOps as the orchestrator.
Step 3: Compile findings and deliver to QAL and stakeholders; handoffs are performed by the associated skills.

Best Practices

Define the security objectives and required associated skills before starting.
Map SecOps activities to specific compliance standards (GDPR, SOC2) and document evidence.
Use automated security tooling and integrate vulnerability tracking into CI/CD.
Coordinate incident response with established playbooks and incident reporting.
Maintain concise, accessible reports and communications through the associated skills.

Example Use Cases

An SecOps-led vulnerability assessment followed by remediation coordination across dev and ops teams.
DevSecOps integration where security gates are added to the CI/CD pipeline and reported to QAL.
A penetration test conducted with findings captured by doc-coauthoring andxlsx for tracking.
Security policy updates and GDPR/SOC2 compliance documentation produced via doc-coauthoring and internal-comms.
Threat modeling sessions with risk assessment results documented and shared with stakeholders.

Frequently Asked Questions

Add this skill to your agents