Skip to main content

EXTENSIONS

User-built models, drivers, vaults, and reports — the parts that plug into swamp.

Filter by what you need and pull what fits.

Selection
18 results
label:security

Hashicorp Vault

@webframp/hashicorp-vault · v2026.06.01.1

HashiCorp Vault secrets management via REST API (KV v1 and v2)

upd Jun 212 pullsA100/100

Aws/securityhub Findings

@webframp/aws/securityhub-findings · v2026.05.28.1

Query and manage AWS Security Hub findings from a delegated administrator

upd May 2815 pullsA100/100

Azure

@dougschaefer/azure · v2026.05.27.3

Azure infrastructure management via az CLI — 31 model types covering compute, networking, data, security, RBAC, Azure Policy, Defender for Cloud, Entra directory, monitoring, DNS, DevOps, and subscription-wide topology with Mermaid diagrams and cost estimation.

upd May 2723 pullsA100/100

Tailscale

@keeb/tailscale · v2026.05.25.1

Install Tailscale on remote VMs over SSH and sync tailnet machine inventory from tailscale status JSON into per-machine resources.

upd May 252.4k pullsA100/100

Cloudflare Audit

@webframp/cloudflare-audit · v2026.05.24.1

Cloudflare security and configuration audit workflow.

upd May 247 pullsA100/100

Macos Doctor

@alvagante/macos-doctor · v2026.05.22.1

Read-only local macOS security, sanity, and performance posture checks with a severity-rated report.

upd May 222 pullsB85/100

Github

@hivemq/github · v2026.05.22.67

GitHub models for swamp. Currently provides @hivemq/github/token, which audits a single GitHub token.

upd May 225 pullsB85/100

Trust Network

@mccormick/trust-network · v2026.05.21.2

Inventory and report on OIDC trust policies and workload-identity federation across GitHub, Google Cloud, and Cloudflare One.

upd May 2218 pullsA100/100

Cloudflare

@mccormick/cloudflare · v2026.05.21.1

Cloudflare One / Zero Trust Access discovery for swamp.

upd May 213 pullsA100/100

Aws/guardduty

@webframp/aws/guardduty · v2026.05.20.1

Query and inspect GuardDuty findings from a delegated administrator account,

upd May 207 pullsA100/100

Mudroom

@hivemq/mudroom · v2026.05.20.61

Run Claude Code (and other workloads) inside a macOS apple/container sandbox.

upd May 2043 pullsB83/100

Cve/mini Shai Hulud

@swamp/cve/mini-shai-hulud · v2026.05.19.1

Scans deno.lock and package-lock.json files for npm packages compromised

upd May 199 pullsA100/100

Aws S3 Bucket Audit

@jentz/aws-s3-bucket-audit · v2026.05.18.2

Workflow-scope report that audits S3 buckets against standard security

upd May 189 pullsA100/100

Cve/dirtyfrag

@swamp/cve/dirtyfrag · v2026.05.08.5

Detects and mitigates the Dirty Frag Linux local privilege escalation

upd May 85 pullsA100/100

Mudroom

@bixu/mudroom · v2026.05.06.2

Run Claude Code (and other workloads) inside a macOS apple/container sandbox.

upd May 66 pullsA100/100

Github Security

@bixu/github-security · v2026.04.23.2

GitHub repository security auditing with support for native features and third-party tool detection

upd Apr 234 pullsA100/100

Tailnet Healthcheck

@bixu/tailnet-healthcheck · v2026.04.23.2

Tailnet health reporting — find devices running outdated Tailscale clients and alert via Slack

upd Apr 233 pullsA100/100

Tailscale

@john/tailscale · v2026.03.02.1

Tailscale tailnet management — 10 model types covering devices, users, ACLs, DNS, auth keys, webhooks, settings, contacts, posture, and log config. 22 workflows for device inventory, user lifecycle, ACL audit, security audit, compliance, incident response, monitoring, and more. Fix: OAuth token cache now keys on credentials so different tailnets/OAuth clients no longer share tokens.

upd Mar 222 pullsunscored