SecurityAvançado

Security Ownership Map

poropenai·openai· v1.0.0 · atualizado em 2026-04-10

Score

Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Trigger only when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do not trigger for general maintainer lists or non-security ownership questions.

security-analysisgit-analysisownership-mappingbus-factorsensitive-coderisk-assessmentcode-ownership

0Stars

0Forks

0Usos

Fork

Documento do Skill

SKILL.mdsecurity-ownership-map/workflow

1. Scope the repo and time window (optional `--since/--until`).

2. Decide sensitivity rules (use defaults or provide a CSV config).

3. Build the ownership map with `scripts/run_ownership_map.py` (co-change graph is on by default; use `--cochange-max-files` to ignore supernode commits).

4. Communities are computed by default; graphml output is optional (`--graphml`).

5. Query the outputs with `scripts/query_ownership.py` for bounded JSON slices.

6. Persist and visualize (see `references/neo4j-import.md`).

By default, the co-change graph ignores common “glue” files (lockfiles, `.github/*`, editor config) so clusters reflect actual code movement instead of shared infra edits. Override with `--cochange-exclude` or `--no-default-cochange-excludes`. Dependabot commits are excluded by default; override with `--no-default-author-excludes` or add patterns via `--author-exclude-regex`.

If you want to exclude Linux build glue like `Kbuild` from co-change clustering, pass:

```bash

python skills/skills/security-ownership-map/scripts/run_ownership_map.py \

--repo /path/to/linux \

--out ownership-map-out \

--cochange-exclude "**/Kbuild"

```

Telemetria de Agentes

Execuções

total

Taxa de Sucesso

últimos 30d

Latência Média

0.0s

p50

Alucinação

0.0%

detecção

Tokens Entrada

avg 0/exec

Tokens Saída

avg 0/exec

Uso por Plataforma

Skills Relacionados

Compõe comThreat Model Source Code Repo

85%

Compõe com ←Security Best Practices

85%

Similar aSecurity Scanner

60%

Similar aSecurity Best Practices

60%

Co-executedSecurity Scanner

49%

Co-executedThreat Model Source Code Repo

47%

Co-executed ←Security Best Practices

49%

Árvore do Skill

Security Ownership Map

security-ownership-map

Fases Cognitivas6

1.SENSE

2.CONTEXTUALIZE

3.HYPOTHESIZE

4.EVALUATE

5.RECOMMEND

6.REFLECT

Triggers8

analyze git repository for security ownershipcompute bus factor for sensitive codefind orphaned sensitive codeidentify security maintainers in git historyperform CODEOWNERS reality check for riskanalyze sensitive hotspots in the codebasemap ownership clusters in gitfind hidden owners of sensitive code

Avaliar este Skill

Score Breakdown

⭐Avaliação Humana0%

🤖Sucesso de Agentes0%

🕐Atualidade100%

🔗Saúde de Dependências100%

🕸️Centralidade no Grafo0%

🛡️Segurança48%

CompositeScore = α·Humano + β·Agente + γ·Recência + δ·Deps + ε·Centralidade + ζ·Segurança

Instalação

$ synaptic mcp download security-ownership-map

$ synaptic skills detail security-ownership-map

$ synaptic skills live security-ownership-map

Dependências

networkx

Links

GitHub Repository