feat(skills): introduce owasp-ml #1227
JasonTheDeveloper wants to merge 21 commits into microsoft:main from
Conversation
Codecov Report
✅ All modified and coverable lines are covered by tests.
Additional details and impacted files:

@@ Coverage Diff @@
##             main    #1227      +/-   ##
==========================================
- Coverage   87.63%   87.62%   -0.02%
==========================================
  Files          61       61
  Lines        9328     9328
==========================================
- Hits         8175     8174       -1
- Misses       1153     1154       +1
@JasonTheDeveloper - how do you anticipate this particular skill is used? I get the other ones for review and evaluation of existing code and for reviews of PRs, but this feels more like a planning setup. My concern with planning is that skills tend to not be great for overview/breadth needs of planning vs deep task specific work where skills tend to excel.
@WilliamBerryiii I was thinking this skill in particular would help data scientists as they're writing notebooks, for example to train and utilise models. I do see where you're coming from. Although I believe the utilisation of this skill in particular would be a lot lower than others, I felt it might still be relevant. Happy to abandon the PR if you feel it's not necessary.
To the other maintainers ... I'm still thinking through how we provide this capability into the ecosystem. I am of the opinion that it probably makes the most sense as a "planner" system, like SSSC, RAI, and Security (and the forthcoming "accessibility" one). @C-Neisinger ... would also appreciate some input from you on this one. |
owasp-ml
chaosdinosaur left a comment
Thank you for introducing the OWASP ML Top 10 skill, @JasonTheDeveloper. The structure and integration are solid — skill validation passes, all agent/prompt/collection references are consistently updated, and the 10 vulnerability reference documents follow a clean, consistent format.
Four inline comments are attached. The highest-priority item is the missing Third-Party Attribution section in SKILL.md — all sibling OWASP skills include this, and it is required by the CC-BY-SA-4.0 license.
RI-05 — PR checklist items (Info): Several AI artifact checklist items are unchecked (Documentation updated, /prompt-analyze review, prompt-builder feedback, common standards verification). Consider running /prompt-analyze on the new skill assets before merge.
Overall this is a well-structured contribution. Looking forward to the updates!
* `00-vulnerability-index.md` — index of all vulnerability identifiers, categories, and cross-references.
* `01` through `10` — one document per vulnerability aligned with OWASP ML Security Top 10 numbering.

---
RI-01 — Missing Third-Party Attribution (High)
All sibling OWASP skills (owasp-top-10, owasp-llm, owasp-agentic) include a ## Third-Party Attribution section acknowledging OWASP Foundation copyright and CC-BY-SA-4.0 license terms. This section is missing from owasp-ml.
Since the content is derived from the OWASP ML Security Top 10, proper attribution is required by the CC-BY-SA-4.0 license.
Suggested addition (before the closing ---):
## Third-Party Attribution
Copyright © OWASP Foundation.
OWASP® Machine Learning Security Top 10 (2023) content is derived from works by the
OWASP Foundation, licensed under CC BY-SA 4.0
(<https://creativecommons.org/licenses/by-sa/4.0/>).
Source: <https://owasp.org/www-project-machine-learning-security-top-10/>
Modifications: Vulnerability descriptions restructured into agent-consumable reference
documents with added detection and remediation guidance.
OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.

- **OWASP Top 10** — OWASP Top 10 for Web Applications (2025) vulnerability knowledge base
- **OWASP LLM Top 10** — OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base
- **OWASP Agentic Top 10** — OWASP Agentic Security Top 10 vulnerability knowledge base for AI agent systems
- **OWASP ML Top 10** - OWASP Machine Learning Top 10 (2023) vulnerability knowledge base for identifying, assessing, and remediating security risks in machine learning systems
RI-02 — Hyphen instead of em dash (Low)
Lines 27–29 use em dash (—) between the bold skill name and description. This new entry uses a plain hyphen (-), breaking the formatting pattern.
Suggested change:
- **OWASP ML Top 10** - OWASP Machine Learning Top 10 (2023) vulnerability knowledge base for identifying, assessing, and remediating security risks in machine learning systems
- **OWASP ML Top 10** — OWASP Machine Learning Top 10 (2023) vulnerability knowledge base for identifying, assessing, and remediating security risks in machine learning systems
* `SKILL.md` — this file (skill entrypoint).
* `references/` — the ML Top 10 normative documents.
* `00-vulnerability-index.md` — index of all vulnerability identifiers, categories, and cross-references.
RI-03 — "index" vs "master index" (Low)
All three sibling OWASP skills say master index of all vulnerability identifiers here. Minor wording inconsistency.
Suggested change:
* `00-vulnerability-index.md` — index of all vulnerability identifiers, categories, and cross-references.
* `00-vulnerability-index.md` — master index of all vulnerability identifiers, categories, and cross-references.
owasp-ml:
  - "ML training/inference code"
  - "Model files (.pt, .h5, .onnx, .pkl)"
RI-04 — Technology signals may be too narrow (Medium)
Other skill signal blocks have 3–5 entries for broader detection coverage. ML codebases commonly include framework imports (torch, tensorflow, sklearn, keras, transformers) and additional model formats (.safetensors). Adding at least one framework-import signal would improve the codebase profiler's detection accuracy.
Consider expanding to:
owasp-ml:
  - "ML training/inference code"
  - "Model files (.pt, .h5, .onnx, .pkl, .safetensors)"
  - "ML framework imports (torch, tensorflow, sklearn, keras, transformers)"
Pull Request
Description
In alignment with phase 2 discussed in #480 (comment), this PR introduces the OWASP ML Top 10 skill to hve-core and the security reviewer agent.
Related Issue(s)
Closes #1205
Type of Change
Select all that apply:
Code & Documentation:
Infrastructure & Configuration:
AI Artifacts:
- prompt-builder agent and addressed all feedback
- (.github/instructions/*.instructions.md)
- (.github/prompts/*.prompt.md)
- (.github/agents/*.agent.md)
- (.github/skills/*/SKILL.md)
Other:
- (.ps1, .sh, .py)
Testing
To be able to test the `owasp-ml` skill using the security reviewer agent you will need a repository containing mcp code (not configurations).
1. Run the `Security Reviewer` agent or invoke the agent via the `/security-revew` instruction.
2. Let it analyse the code and produce a vulnerability report.
3. If `codebase-profiler.agent.md` picks up that the repository contains mcp and thus uses the `owasp-ml` skill, then that's all you need.
4. To make sure `owasp-ml` is used, in your prompt add `targetSkill=owasp-ml`.
You should see in the output report the `owasp-ml` skill being referenced and used.
Checklist
Required Checks
AI Artifact Contributions
- `/prompt-analyze` to review contribution
- `prompt-builder` review
Required Automated Checks
The following validation commands must pass before merging:
- npm run lint:md
- npm run spell-check
- npm run lint:frontmatter
- npm run validate:skills
- npm run lint:md-links
- npm run lint:ps
- npm run plugin:generate
Security Considerations