AgentSkillsCN

Bastion Skill - System Hardening & Defense

堡垒技能——系统加固与防御

SKILL.md

Bastion Skill - System Hardening & Defense

namedescription
bastionProvides guidance and automation for hardening systems, configuring firewalls, and enforcing security policies. USE WHEN you need to protect a server, secure a network, or apply defensive configurations.

The Key Insight

A "Citadel" is built from many "Bastions." This skill focuses on the technical implementation of defense. It translates "I want to be secure" into actual firewall rules, kernel hardening parameters, and access control lists.

Usage

Harden OS

bash
pai run Bastion harden "linux-ubuntu"

Apply Firewall

bash
pai run Bastion firewall "strict-mode"

Strategic Value

  • Deterministic Defense: Reduces human error in complex security configurations.
  • Compliance Ready: Helps you align your projects with industry standards (NIST, CIS).
  • Rapid Recovery: Scaffolds "Safe-State" configurations if a Bastion is breached.