secupdates


Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.


Install skill "secupdates" with this command: npx skills add danielmiessler/personal_ai_infrastructure/danielmiessler-personal-ai-infrastructure-secupdates

Customization

Before executing, check for user customizations at: ~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/SECUpdates/

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.

Voice Notification (REQUIRED)

Send this notification BEFORE doing anything else:

curl -s -X POST http://localhost:8888/notify \
  -H "Content-Type: application/json" \
  -d '{"message": "Checking security updates from sources"}' \
  > /dev/null 2>&1 &

SECUpdates Skill

Purpose: Aggregate security news from multiple sources into crisp, ranked updates across three categories.

Sources

| Source | URL | Type |
| --- | --- | --- |
| tl;dr sec | https://tldrsec.com | Newsletter/RSS - comprehensive security roundup |
| No Security | https://no.security | Caleb Sima's security insights |
| Krebs on Security | https://krebsonsecurity.com | Investigative security journalism |
| The Hacker News | https://thehackernews.com | Security news and analysis |
| Schneier on Security | https://schneier.com | Bruce Schneier's security blog |
| Risky Business | https://risky.biz | Security podcast/news |

Custom sources: Add to USER/SKILLCUSTOMIZATIONS/SECUpdates/sources.json

Output Format

Maximum 32 items total across all categories, ranked by importance within each.

Security Updates

Generated: [timestamp]
Sources Checked: [list]
Period: Since [last check date]


🔴 Security News (Breaches & Incidents)

Hacks, breaches, exploits in the wild, incidents

  1. [Headline] - [1-2 sentence summary]. [Source]
  2. [Headline] - [1-2 sentence summary]. [Source] ...

🔬 Security Research

New vulnerabilities, CVEs, techniques, papers

  1. [Title] - [1-2 sentence summary]. [Source]
  2. [Title] - [1-2 sentence summary]. [Source] ...

💡 Security Ideas

Opinions, strategies, industry trends, career

  1. [Title] - [1-2 sentence summary]. [Source]
  2. [Title] - [1-2 sentence summary]. [Source] ...

📊 Summary

| Category | Count | Top Item |
| --- | --- | --- |
| News | X | [headline] |
| Research | X | [title] |
| Ideas | X | [title] |

Total: X/32 items | Next check: Run /secupdates anytime

Category Definitions

🔴 Security News (Breaches & Incidents)

  • Data breaches and leaks

  • Active exploits and attacks

  • Ransomware incidents

  • State-sponsored attacks

  • Major vulnerability exploitations

  • Company security incidents

🔬 Security Research

  • New CVEs and vulnerabilities

  • Security research papers

  • New attack techniques

  • Tool releases

  • Vulnerability disclosures

  • Bug bounty findings

💡 Security Ideas

  • Industry trends and analysis

  • Security strategy and opinions

  • Career and hiring trends

  • Regulatory and compliance news

  • Security culture and practices

  • Predictions and forecasts

Ranking Criteria

Within each category, rank items by:

  • Impact - How many people/systems affected?

  • Recency - How new is this?

  • Actionability - Can the reader do something about it?

  • Novelty - Is this genuinely new information?

State Tracking

State file: State/last-check.json

{
  "last_check_timestamp": "2026-01-22T12:00:00.000Z",
  "sources": {
    "tldrsec": {
      "last_hash": "abc123",
      "last_checked": "2026-01-22T12:00:00.000Z",
      "last_title": "tl;dr sec #XXX"
    },
    "nosecurity": {
      "last_hash": "def456",
      "last_checked": "2026-01-22T12:00:00.000Z"
    }
  }
}

On each run:

  • Load last-check.json

  • Fetch each source

  • Compare content hash to detect new items

  • Only include items newer than last check

  • Update state file after successful run
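One way to implement the per-run state handling listed above, as an added example that is not part of the upstream SKILL.md. It assumes SHA-256 over whitespace-normalised text as the content hash (the page does not name one); the function names are hypothetical and the field names follow the state file shown above.

```python
import hashlib
import json
import os
import tempfile


def content_hash(text):
    # Assumption: SHA-256 over whitespace-normalised text; the page names no hash.
    return hashlib.sha256(" ".join(text.split()).encode("utf-8")).hexdigest()


def load_state(path):
    # First run or unreadable file: treat every source as never seen.
    try:
        with open(path, encoding="utf-8") as fh:
            state = json.load(fh)
    except (FileNotFoundError, json.JSONDecodeError):
        state = {}
    if not isinstance(state, dict):
        state = {}
    state.setdefault("last_check_timestamp", None)
    state.setdefault("sources", {})
    return state


def detect_changes(state, fetched, now):
    """Return (source keys whose content changed, new state). Writes nothing."""
    # Sources that failed to fetch are absent from `fetched` and keep their old
    # entry, so their new items are still picked up on the next run.
    new_state = {"last_check_timestamp": now, "sources": dict(state["sources"])}
    changed = []
    for key, text in fetched.items():
        digest = content_hash(text)
        previous = state["sources"].get(key, {})
        if previous.get("last_hash") != digest:
            changed.append(key)
        new_state["sources"][key] = {**previous, "last_hash": digest, "last_checked": now}
    return changed, new_state


def save_state(path, state):
    # Write to a temp file, then rename: a crash mid-write keeps the old state.
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, suffix=".tmp")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(state, fh, indent=2)
    os.replace(tmp, path)
```

Call `save_state` only after the formatted output has been produced, so a failed run leaves the previous checkpoint in place.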

Process Flow

Step 1: Check State

Read last check timestamp

cat ~/.claude/skills/SECUpdates/State/last-check.json

Step 2: Fetch Sources (Parallel)

Launch parallel agents to fetch each source:

| Agent | Source | Method |
| --- | --- | --- |
| Agent 1 | tldrsec.com | WebFetch latest newsletter |
| Agent 2 | no.security | WebFetch recent posts |
| Agent 3 | krebsonsecurity.com | WebFetch recent articles |
| Agent 4 | thehackernews.com | WebFetch headlines |
| Agent 5 | schneier.com | WebFetch recent posts |

Step 3: Parse & Categorize

For each item found:

  • Determine category (News/Research/Ideas)

  • Extract headline and 1-2 sentence summary

  • Note source

  • Assess importance score

Step 4: Rank & Limit

  • Sort each category by importance

  • Take top items until 32 total

  • Distribute reasonably (aim for ~10-12 per category if available)

Step 5: Output & Update State

  • Generate formatted output

  • Write updated state to last-check.json

Workflow Routing

| Workflow | Trigger | File |
| --- | --- | --- |
| Update | "security updates", "sec updates", "/secupdates", "what's new in security" | Workflows/Update.md |

Default: Run the Update workflow.

Key Principles

  • Crisp - 1-2 sentences per item, no fluff

  • Ranked - Most important first within each category

  • Categorized - Clear separation of News/Research/Ideas

  • Deduplicated - Same story from multiple sources = one entry

  • Limited - Max 32 items total, quality over quantity

  • Stateful - Track what's been seen, only show new items
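A sketch of Step 4 (Rank & Limit) together with the Deduplicated and Limited principles, added here as an example and not taken from the upstream skill. The item fields (`headline`, `source`, `category`, `score`), the function names and the headline-matching rule are assumptions; only the 32-item cap and the three categories come from the page.

```python
import re
from itertools import zip_longest

MAX_ITEMS = 32  # cap stated on the page
CATEGORIES = ("News", "Research", "Ideas")


def story_key(headline):
    # Assumption: two items are the same story when their headlines match
    # after lowercasing and dropping punctuation.
    return " ".join(re.findall(r"[a-z0-9]+", headline.lower()))


def dedupe(items):
    """Keep the highest-scored copy of each story and record every source."""
    best = {}
    for item in items:
        key = story_key(item["headline"])
        kept = best.get(key)
        sources = (kept["sources"] if kept else []) + [item["source"]]
        if kept is None or item["score"] > kept["score"]:
            best[key] = {**item, "sources": sources}
        else:
            kept["sources"] = sources
    return list(best.values())


def rank_and_limit(items, limit=MAX_ITEMS):
    """Sort each category by score, then fill the cap one rank at a time
    across categories so no single category crowds out the others."""
    ranked = {
        cat: sorted((i for i in items if i["category"] == cat),
                    key=lambda i: i["score"], reverse=True)
        for cat in CATEGORIES
    }
    out = {cat: [] for cat in CATEGORIES}
    taken = 0
    for row in zip_longest(*ranked.values()):
        for cat, item in zip(CATEGORIES, row):
            if item is not None and taken < limit:
                out[cat].append(item)
                taken += 1
    return out
```

With 20 candidates in every category this yields 11/11/10; when one category is thin, its unused share goes to the others instead of being left empty.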

Example Output

Security Updates

Generated: 2026-01-22 12:09 PST
Sources Checked: tldrsec, no.security, Krebs, THN, Schneier
Period: Since 2026-01-20


🔴 Security News (Breaches & Incidents)

  1. Microsoft Azure Breach Exposes 2M Customer Records - Misconfigured storage blob allowed unauthorized access to customer data including emails and phone numbers. [Krebs]
  2. LockBit 4.0 Ransomware Hits Healthcare Chain - 15 hospitals affected, patient data encrypted, $10M ransom demanded. [THN]
  3. Ivanti VPN Zero-Day Actively Exploited - CVE-2026-XXXX being used by Chinese APT groups against government targets. [tldrsec]

🔬 Security Research

  1. New Spectre Variant Bypasses All Mitigations - Researchers demonstrate "Spectre-NG" affecting Intel and AMD processors, no patch available. [tldrsec]
  2. OAuth Token Theft via Browser Extension - Novel technique allows stealing tokens from any site using malicious extension. [no.security]
  3. SSRF in AWS IMDSv2 - Bypass discovered in metadata service protections. [tldrsec]

💡 Security Ideas

  1. The Death of Perimeter Security - Caleb Sima argues zero-trust is no longer optional after recent breaches. [no.security]
  2. CISO Burnout at All-Time High - Survey shows 70% considering leaving the field within 2 years. [tldrsec]
  3. AI-Generated Phishing Now Indistinguishable - Schneier on the implications of LLM-powered social engineering. [Schneier]

📊 Summary

| Category | Count | Top Item |
| --- | --- | --- |
| News | 3 | Microsoft Azure Breach |
| Research | 3 | New Spectre Variant |
| Ideas | 3 | Death of Perimeter Security |

Total: 9/32 items | Next check: Run /secupdates anytime

Anti-Patterns

| ❌ Bad | ✅ Good |
| --- | --- |
| Long paragraph summaries | 1-2 crisp sentences |
| "Read more at..." | Summary + source attribution |
| Unranked list dumps | Importance-ordered items |
| 50+ items | Max 32, quality curated |
| Mixing categories | Clear News/Research/Ideas separation |
| Old news mixed with new | Only items since last check |

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
