feat: Copilot Security Plugin Support

.github/plugin/marketplace.json

@@ -1,7 +1,7 @@
 {
   "name": "copilot-security-instructions",
   "metadata": {
-    "description": "Security-focused GitHub Copilot plugin marketplace for AppSec agents and the threat-model skill",
+    "description": "A collection of instructions and skills for application security tasks, including threat modeling, secure code review, and other appsec activities.",
     "version": "1.0.0",
     "pluginRoot": "./plugins"
   },
@@ -10,10 +10,10 @@
   },
   "plugins": [
     {
-      "name": "threat-model",
-      "description": "Performs threat modeling using Mermaid diagrams to validate flowcharts / sequence diagrams for security review",
+      "name": "copilot-security",
+      "description": "A plugin that provides application security skills and agents to help developers with threat modeling, secure code review, and other appsec tasks.",
       "version": "1.0.0",
-      "source": "threat-model"
+      "source": "copilot-security"
     }
   ]
 }

README.md

@@ -22,6 +22,7 @@ This project offers:
 - **AI hallucination protections** to prevent package spoofing, non-existent APIs, and misinformation risks.
 - **Mentorship-style tips** to help newer engineers build secure coding habits.
 - **Custom agents & Agent Skills** under `agents/` and `skills/` for repeatable AppSec workflows inside Copilot.
+- **An installable GitHub Copilot CLI plugin** under `plugins/copilot-security` for reusable AppSec agents and skills across projects.
 - **An MCP server** for seamless integration of these prompts into other projects.
 
 ---
@@ -37,7 +38,7 @@ It standardizes intake, then hands off to specialist agents (Analyst/Architect/E
 
 | Prompt | Description | Intended Use |
 | --- | --- | --- |
-| [access-control-and-authorization-architecutre.prompt.md](prompts/access-control-and-authorization-architecture.prompt.md) | Review and report on access control / authorization architecture for project. | Perform analysis of the current architecture for access control and authorization within the project. |
+| [access-control-review.prompt.md](prompts/access-control-review.prompt.md) | Review and report on access control / authorization architecture for project. | Perform analysis of the current architecture for access control and authorization within the project. |
 | [assess-logging.prompt.md](prompts/assess-logging.prompt.md) | Identify unsafe logging and exposure of sensitive data. | Audit log output for leaks and recommend safer patterns. |
 | [business-logic-review.prompt.md](prompts/business-logic-review.prompt.md) | Analyze overall business logic flow and decision making. | Map application behavior and critique critical logic paths. |
 | [check-access-controls.prompt.md](prompts/check-access-controls.prompt.md) | Audit authorization and access control weaknesses. | Ensure RBAC/ABAC enforcement and consistent permission checks. |
@@ -68,39 +69,59 @@ It standardizes intake, then hands off to specialist agents (Analyst/Architect/E
 | Skill | Intended use |
 | --- | --- |
 | [secure-code-review](skills/secure-code-review/SKILL.md) | Repeatable security review workflow + findings template. |
-| [authn-authz-review](skills/authn-authz-review/SKILL.md) | Review authentication and authorization controls. |
+| [access-control-review](skills/access-control-review/SKILL.md) | Review identity, access control, and authorization architecture with evidence-first reporting. |
 | [input-validation-hardening](skills/input-validation-hardening/SKILL.md) | Tighten validation boundaries and parsing safety. |
 | [dependency-cve-triage](skills/dependency-cve-triage/SKILL.md) | CVE reachability + remediation plan workflow. |
 | [secrets-and-logging-hygiene](skills/secrets-and-logging-hygiene/SKILL.md) | Prevent secret leaks and add redaction defaults. |
 | [genai-acceptance-review](skills/genai-acceptance-review/SKILL.md) | Prevent over-trust and prompt/tool injection risks. |
 | [threat-model](skills/threat-model/SKILL.md) | Full 4Q threat modeling workflow with CLI-friendly Mermaid docs and validation helpers. |
-| [threat-model-lite](skills/threat-model-lite/SKILL.md) | Lightweight threat modeling with ranked mitigations. |
 | [secure-fix-validation](skills/secure-fix-validation/SKILL.md) | Prove fixes work and don’t regress behavior. |
 
-For GitHub Copilot CLI users, the `threat-model` skill bundles local Mermaid helper scripts so you can draft diagrams, print syntax guidance, and validate report files without the VS Code Mermaid Chart extension.
-
 ## 📦 How to Use in a Real Project
 
 Tip for contributors: when adding a file under `prompts/`, update the Prompt Catalogue table.
 
-### Leveraging Static Files
+### Option 1: Leveraging Static Files
+
+This option is best when you want to vendor a fixed set of guidance files directly into a repository instead of installing the reusable CLI plugin.
+
+Copy the components you want from this repository into the matching `.github/` locations in your target project:
+
+| From this repository | Copy into target project | Purpose |
+| --- | --- | --- |
+| `copilot-instructions.md` | `.github/copilot-instructions.md` | Repository-wide default coding and security guidance |
+| `prompts/*.prompt.md` | `.github/prompts/` | Reusable prompt files that can be run directly in Copilot |
+| `agents/*.agent.md` | `.github/agents/` | Reusable specialist agents such as analyst, architect, or engineer |
+| `skills/**/SKILL.md` and skill-local files | `.github/skills/` | On-demand skills, including any helper scripts kept inside each skill directory |
+| `instructions/*.instructions.md` | `.github/instructions/` | Path-specific instructions for matching file globs |
+
+Notes:
+
+- If you copy a skill directory, copy the entire folder, not just `SKILL.md`. Some skills include helper assets or scripts alongside the Markdown file.
+- The root-level `instructions/` folder in this repository is currently empty, so there are no path-specific instruction files to copy right now.
+- If you only need a subset, copy only the prompts, agents, or skills you plan to use.
+
+1. Copy `copilot-instructions.md` into your repo under `.github/copilot-instructions.md`.
 
-1. Copy the `copilot-instructions.md` file into your repo under:  
-   `.github/copilot-instructions.md`
+2. Copy whichever reusable folders and files you want to adopt:
 
-2. Drop the prompts you want into:  
-   `.github/prompts/`
+   - prompts into `.github/prompts/`
+   - agents into `.github/agents/`
+   - skills into `.github/skills/`
+   - instructions into `.github/instructions/` when this repository provides them
 
-3. Open the prompt you wish to run within your IDE
+3. Open the prompt or agent-enabled workflow you want to run within your IDE.
 
-4. Click the `Run Prompt` button to the top-right of the file
+4. For prompt files, click the `Run Prompt` button at the top-right of the file.
 
    ![Run Prompt Button](images/example-run_prompt.png)
 
    > ℹ️ **Note**: If you don't see the run prompt button; check to make sure the `Chat: Prompt Files` functionality is enabled in your settings
    > ![Chat Prompt Files Setting](images/example-chat_prompt_files.png)
 
-### Leveraging the MCP Server
+5. For agents and skills, invoke them from Copilot Chat after the files are present in `.github/agents/` and `.github/skills/`.
+
+### Option 2: Leveraging the MCP Server
 
 The MCP server simplifies the integration of secure coding prompts into your workflow. Follow these steps:
 
@@ -118,29 +139,29 @@ The MCP server simplifies the integration of secure coding prompts into your wor
    cp .env.example .env
    ```
 
-   > The MCP server reads configuration from a `.env` file. Customize the following variables as needed:
-   >
-   > | Variable | Description | Default |
-   > | --- | --- | --- |
-   > | `server.port` | Port the MCP server listens on. | `8080` |
-   > | `server.ssl` | Whether to use ssl for express server | `false` |
-   > | `server.ssl.pfx` | Path to pfx file | `localhost.pfx` |
-   > | `server.ssl.pfx.passphrase` | Passphrase for pfx file | `PFX_PASSPHRASE` |
-   > | `server.hostname` | Hostname the server binds to. | `localhost` |
-   > | `logger.transports.console.enabled` | Enable console logging output. | `false` |
-   > | `logger.transports.console.level` | Log level for console output. | `info` |
-   > | `logger.transports.amqp.enabled` | Enable AMQP-based logging. | `false` |
-   > | `logger.transports.amqp.level` | Log level for AMQP transport. | `http` |
-   > | `logger.transports.amqp.hostname` | Hostname of the AMQP broker. | `localhost` |
-   > | `logger.transports.amqp.port` | Port for the AMQP broker. | `5672` |
-   > | `logger.transports.amqp.username` | Username for AMQP authentication. | `guest` |
-   > | `logger.transports.amqp.password` | Password for AMQP authentication. | `guest` |
-   > | `logger.transports.amqp.exchange` | Exchange name used for AMQP logging. | `logs` |
-   > | `logger.transports.amqp.vhost` | Virtual host for AMQP logging. | `/logs` |
-   > | `logger.transports.amqp.heartbeat` | Heartbeat interval in seconds. | `60` |
-   > | `logger.transports.amqp.locale` | Locale for the AMQP connection. | `en_US` |
-   > | `logger.transports.amqp.type` | AMQP exchange type. | `direct` |
-   > | `logger.transports.amqp.durable` | Whether the AMQP exchange is durable. | `false` |
+   The MCP server reads configuration from a `.env` file. Customize the following variables as needed:
+
+   | Variable | Description | Default |
+   | --- | --- | --- |
+   | `server.port` | Port the MCP server listens on. | `8080` |
+   | `server.ssl` | Whether to use ssl for express server | `false` |
+   | `server.ssl.pfx` | Path to pfx file | `localhost.pfx` |
+   | `server.ssl.pfx.passphrase` | Passphrase for pfx file | `PFX_PASSPHRASE` |
+   | `server.hostname` | Hostname the server binds to. | `localhost` |
+   | `logger.transports.console.enabled` | Enable console logging output. | `false` |
+   | `logger.transports.console.level` | Log level for console output. | `info` |
+   | `logger.transports.amqp.enabled` | Enable AMQP-based logging. | `false` |
+   | `logger.transports.amqp.level` | Log level for AMQP transport. | `http` |
+   | `logger.transports.amqp.hostname` | Hostname of the AMQP broker. | `localhost` |
+   | `logger.transports.amqp.port` | Port for the AMQP broker. | `5672` |
+   | `logger.transports.amqp.username` | Username for AMQP authentication. | `guest` |
+   | `logger.transports.amqp.password` | Password for AMQP authentication. | `guest` |
+   | `logger.transports.amqp.exchange` | Exchange name used for AMQP logging. | `logs` |
+   | `logger.transports.amqp.vhost` | Virtual host for AMQP logging. | `/logs` |
+   | `logger.transports.amqp.heartbeat` | Heartbeat interval in seconds. | `60` |
+   | `logger.transports.amqp.locale` | Locale for the AMQP connection. | `en_US` |
+   | `logger.transports.amqp.type` | AMQP exchange type. | `direct` |
+   | `logger.transports.amqp.durable` | Whether the AMQP exchange is durable. | `false` |
 
 3. Start the server
 
@@ -192,6 +213,88 @@ The MCP server simplifies the integration of secure coding prompts into your wor
 
    **Example:** `Please get and run the secure code review prompt.`
 
+### Option 3: Using the `copilot-security` GitHub Copilot CLI Plugin
+
+This repository ships an installable GitHub Copilot CLI plugin named `copilot-security`.
+
+Plugins are reusable bundles of Copilot components such as agents, skills, hooks, and integrations. In this project, the plugin is published from the official marketplace repository:
+
+- `robotti-io/copilot-security-instructions`
+
+The plugin manifest lives under `plugins/copilot-security/.github/plugin/plugin.json`, and the marketplace manifest for this repository lives under `.github/plugin/marketplace.json`.
+
+#### What the plugin contains
+
+The `copilot-security` plugin currently packages these reusable components:
+
+- Agents:
+  - `application-security-analyst`
+  - `application-security-architect`
+- Skills:
+  - `access-control-review`
+  - `dependency-cve-triage`
+  - `threat-model`
+
+After installation, these agents and skills are available in any project where you use GitHub Copilot CLI.
+
+#### Install from the official marketplace
+
+GitHub documents CLI plugins here:
+
+- `https://docs.github.com/en/copilot/concepts/agents/copilot-cli/about-cli-plugins`
+- `https://docs.github.com/en/copilot/how-tos/copilot-cli/customize-copilot/plugins-finding-installing`
+
+To register this repository as a plugin marketplace and install the `copilot-security` plugin:
+
+```bash
+copilot plugin marketplace add robotti-io/copilot-security-instructions
+copilot plugin marketplace list
+copilot plugin marketplace browse copilot-security-instructions
+copilot plugin install copilot-security@copilot-security-instructions
+```
+
+Notes:
+
+- `robotti-io/copilot-security-instructions` is the marketplace repository reference you add.
+- `copilot-security-instructions` is the marketplace name exposed by this repository's `marketplace.json`.
+- `copilot-security` is the plugin name exposed by `plugins/copilot-security/.github/plugin/plugin.json`.
+
+#### Install directly from the repository
+
+If you do not want to register the marketplace first, you can install the plugin directly from this repository by pointing Copilot CLI at the plugin subdirectory:
+
+```bash
+copilot plugin install robotti-io/copilot-security-instructions:plugins/copilot-security
+```
+
+This form is required because the plugin manifest is stored in a plugin subdirectory, not at the repository root.
+
+#### Install from a local checkout
+
+For local development or testing from a cloned copy of this repository:
+
+```bash
+copilot plugin install ./plugins/copilot-security
+```
+
+#### Manage the installed plugin
+
+Use the standard Copilot CLI plugin commands:
+
+```bash
+copilot plugin list
+copilot plugin update copilot-security
+copilot plugin uninstall copilot-security
+copilot plugin marketplace remove copilot-security-instructions
+```
+
+You can also get command help with:
+
+```bash
+copilot plugin --help
+copilot plugin install --help
+```
+
 ---
 
 ## 📚 Languages Supported

plugins/threat-model/.github/plugin/plugin.json → plugins/copilot-security/.github/plugin/plugin.json

@@ -1,6 +1,6 @@
 {
-  "name": "threat-model",
-  "description": "Performs threat modeling using Mermaid diagrams to validate flowcharts / sequence diagrams for security review",
+  "name": "copilot-security",
+  "description": "A plugin that provides application security skills and agents to help developers with threat modeling, secure code review, and other appsec tasks.",
   "version": "1.0.0",
   "keywords": [
     "security",

plugins/copilot-security/agents/application-security-analyst.agent.md

@@ -0,0 +1,56 @@
+---
+name: application-security-analyst
+description: Triage and explain application security risks. Produces actionable findings and guidance without making code changes.
+tools: ['vscode', 'read', 'search', 'web', 'agent', 'todo']
+model: GPT-5.4
+---
+
+You are an **Application Security Analyst** embedded with a delivery team. Your job is to **find, explain, and prioritize security risks** in code and configurations, and to give **clear, developer-friendly guidance** for fixes.
+
+## Operating principles
+
+- Be **practical**: focus on issues that matter in real deployments and plausible threat models.
+- Be **precise**: point to exact files, functions, lines, inputs/outputs, and trust boundaries.
+- Be **actionable**: provide reproduction steps, impact, and recommended fixes.
+- Be **conservative with scope**: you do **not** implement code changes. You may suggest diffs, but you must not edit files.
+
+## Default workflow
+
+1. **Clarify context (minimal):** identify component (API, web, worker), data sensitivity (PII, auth), environment (prod vs dev), and attacker model (external, internal, multi-tenant).
+2. **Inventory entry points & assets:**
+   - Inputs: HTTP params/body/headers, message queues, files, environment variables, deserialization, templates.
+   - Assets: secrets, tokens, PII, financial data, privileged actions.
+3. **Review with a security lens:**
+   - Injection (SQL/NoSQL/OS/template), authn/authz, SSRF, XSS, CSRF, deserialization, path traversal, file upload, crypto misuse, secrets/logging, supply chain.
+4. **Produce findings in a standard format** (below), ranked by risk and fix cost.
+5. **Recommend next actions**: quick wins, tests, monitoring, and who should own the fix.
+
+## Output format (use this exact structure)
+
+### Summary
+
+- What you reviewed
+- Top risks (3–5 bullets)
+- Overall risk rating: Low / Medium / High / Critical
+
+### Findings
+
+For each finding, include:
+
+- **Title**
+- **Severity** (Critical/High/Medium/Low) and **confidence** (High/Medium/Low)
+- **Where** (file + function + relevant snippet description)
+- **Risk** (what could happen, who can do it, required preconditions)
+- **How to reproduce** (steps or a request example)
+- **Recommendation** (specific fix guidance)
+- **Verification** (how to test the fix)
+
+### Notes
+
+- Assumptions
+- Out-of-scope items
+- Follow-ups / questions for the team
+
+## Repo-specific helpers (optional)
+
+If the repository contains prompt files under `/prompts`, you may reference them by name (e.g., `secure-code-review.prompt.md`) and suggest the developer run them in Copilot.