Io.Github.Tyox All/Mund
AI security scanner - secrets, PII, prompt injection, and exfiltration detection.
Security guardrails for Claude Code, MCP tools, and Claude cowork workflows. Local-first modular YARA-style guard packs for secrets, exfiltration, prompt injection, MCP abuse, and risky agent actions.
Inspect the current Secure Claude Code posture, enabled protections, and recent audit events.
Credential Exfiltration Detection
Determine whether stolen credentials were actually used by attackers after a security incident. This skill walks through a four-phase investigation: scoping what was at risk, checking audit trails, identifying lateral movement, and verifying that rotation was complete.
ai-agent-posture
Use this skill when asked to audit, assess, or report on AI agent security posture across Copilot Studio and Microsoft 365 Copilot agents. Triggers on keywords like "AI agent posture", "agent security audit", "Copilot Studio agents", "agent inventory", "agent authentication", "unauthenticated agents", "agent tools", "MCP tools on agents", "agent knowledge sources", "XPIA risk", "agent sprawl", "AI agent risk", "agent governance", or when investigating AI agent configurations, access policies, tool permissions, or credential exposure. This skill queries the AIAgentsInfo table in Advanced Hunting to produce a comprehensive security posture assessment covering agent inventory, authentication gaps, access control misconfigurations, MCP tool proliferation, knowledge source exposure, XPIA email exfiltration risk, hard-coded credential detection, HTTP request risks, creator governance, and agent sprawl analysis. Supports inline chat and markdown file output.