{"id":"11cad15d-47a5-419d-83bd-ddf040b22cd1","shortId":"65XWea","kind":"skill","title":"Audit Linux host hardening drift before exposing SSH or rolling to production","tagline":"Uses Lynis to run an on-host security audit and turn the findings into a prioritized hardening checklist for an agent or operator. Invoke it when a machine is about to become internet-facing, after base image changes, or whenever you need a quick read on hardening drift instead o","description":"# Audit Linux host hardening drift before exposing SSH or rolling to production\n\nUses Lynis to run an on-host security audit and turn the findings into a prioritized hardening checklist for an agent or operator. Invoke it when a machine is about to become internet-facing, after base image changes, or whenever you need a quick read on hardening drift instead of a generic vulnerability scan.\n\n## Prerequisites\n\nShell access to the target UNIX-like host, with root or sudo recommended for fuller audit coverage\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- git clone https://github.com/CISOfy/lynis\n\nRequirements and caveats from upstream:\n- Article by TechRepublic, considering Lynis a \"must-have\" tool: [How to quickly audit a Linux system from the command line](http://www.techrepublic.com/article/how-to-quickly-audit-a-linux-system-from-the-command-line/)\n\nBasic usage or getting-started notes:\n- There are multiple options available to install Lynis.\n- ### Software package\n- For systems running Linux, BSD, and macOS, there is typically a package available. This is the preferred method of obtaining Lynis, as it is quick to install and easy to update. The Lynis project itself also provides...\n\n- Source: https://github.com/CISOfy/lynis\n- Extracted from upstream docs: https://raw.githubusercontent.com/CISOfy/lynis/HEAD/README.md\n\n## Documentation\n\n- https://cisofy.com/documentation/lynis/\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production/)","tags":["audit","linux","host","hardening","drift","before","exposing","ssh","rolling","production","skills","agentskillexchange"],"capabilities":["skill","source-agentskillexchange","skill-audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,598 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:09:30.310Z","embedding":null,"createdAt":"2026-05-18T13:15:15.228Z","updatedAt":"2026-05-18T19:09:30.310Z","lastSeenAt":"2026-05-18T19:09:30.310Z","tsv":"'/article/how-to-quickly-audit-a-linux-system-from-the-command-line/)':197 '/cisofy/lynis':168,255 '/cisofy/lynis/head/readme.md':262 '/documentation/lynis/':266 '/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production/)':273 'access':135 'agent':34,98,268 'agentskillexchange.com':272 'agentskillexchange.com/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production/)':271 'also':250 'articl':174 'audit':1,22,65,86,150,187 'avail':209,227 'base':50,114 'basic':198 'becom':45,109 'bsd':219 'caveat':171 'chang':52,116 'checklist':31,95 'cisofy.com':265 'cisofy.com/documentation/lynis/':264 'clone':165 'command':193 'consid':177 'coverag':151 'doc':259 'document':263 'drift':5,62,69,126 'easi':243 'environ':163 'exchang':270 'expos':7,71 'extract':256 'face':48,112 'find':26,90 'fuller':149 'generic':130 'get':202 'getting-start':201 'git':164 'github.com':167,254 'github.com/cisofy/lynis':166,253 'harden':4,30,61,68,94,125 'host':3,20,67,84,142 'imag':51,115 'instal':152,156,211,241 'instead':63,127 'internet':47,111 'internet-fac':46,110 'invok':37,101 'like':141 'line':194 'linux':2,66,189,218 'lyni':14,78,178,212,235,247 'machin':41,105 'maco':221 'match':161 'method':232 'multipl':207 'must':181 'must-hav':180 'need':56,120 'note':204 'o':64 'obtain':234 'on-host':18,82 'oper':36,100 'option':208 'packag':214,226 'path':159 'prefer':231 'prerequisit':133 'priorit':29,93 'product':12,76 'project':248 'provid':251 'quick':58,122,186,239 'raw.githubusercontent.com':261 'raw.githubusercontent.com/cisofy/lynis/head/readme.md':260 'read':59,123 'recommend':147 'requir':169 'roll':10,74 'root':144 'run':16,80,217 'scan':132 'secur':21,85 'setup':158 'shell':134 'skill':269 'skill-audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production' 'softwar':213 'sourc':252,267 'source-agentskillexchange' 'ssh':8,72 'start':203 'sudo':146 'system':190,216 'target':138 'techrepubl':176 'tool':183 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'turn':24,88 'typic':224 'unix':140 'unix-lik':139 'updat':245 'upstream':155,173,258 'usag':199 'use':13,77,153 'vulner':131 'whenev':54,118 'www.techrepublic.com':196 'www.techrepublic.com/article/how-to-quickly-audit-a-linux-system-from-the-command-line/)':195","prices":[{"id":"ef325685-f43d-4cfc-bc94-f91f32f80375","listingId":"11cad15d-47a5-419d-83bd-ddf040b22cd1","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:15:15.228Z"}],"sources":[{"listingId":"11cad15d-47a5-419d-83bd-ddf040b22cd1","source":"github","sourceId":"agentskillexchange/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production","isPrimary":false,"firstSeenAt":"2026-05-18T13:15:15.228Z","lastSeenAt":"2026-05-18T19:09:30.310Z"}],"details":{"listingId":"11cad15d-47a5-419d-83bd-ddf040b22cd1","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"c4ea5042c32106082fc96e6dd435c4a1b8868948","skill_md_path":"skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Audit Linux host hardening drift before exposing SSH or rolling to production","description":"Uses Lynis to run an on-host security audit and turn the findings into a prioritized hardening checklist for an agent or operator. Invoke it when a machine is about to become internet-facing, after base image changes, or whenever you need a quick read on hardening drift instead of a generic vulnerability scan."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/audit-linux-host-hardening-drift-before-exposing-ssh-or-rolling-to-production"},"updatedAt":"2026-05-18T19:09:30.310Z"}}