vendor-risk-monitor
Continuous vendor security monitoring for security ratings, breach notifications, and risk change detection
509 stars
bya5c-ai
Best use case
vendor-risk-monitor is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Continuous vendor security monitoring for security ratings, breach notifications, and risk change detection
Teams using vendor-risk-monitor should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
$curl -o ~/.claude/skills/vendor-risk-monitor/SKILL.md --create-dirs "https://raw.githubusercontent.com/a5c-ai/babysitter/main/library/specializations/security-compliance/skills/vendor-risk-monitor/SKILL.md"
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/vendor-risk-monitor/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How vendor-risk-monitor Compares
| Feature / Agent | vendor-risk-monitor | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Continuous vendor security monitoring for security ratings, breach notifications, and risk change detection
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Vendor Risk Monitor Skill
## Purpose
Provide continuous vendor security monitoring by tracking security ratings, monitoring breach notifications, detecting certificate issues, and alerting on risk changes for proactive third-party risk management.
## Capabilities
### Security Rating Monitoring
- Track vendor security ratings from rating services
- Monitor rating changes and trends
- Compare ratings against thresholds
- Analyze rating factor changes
- Generate rating trend reports
- Alert on rating downgrades
### Breach Notification Tracking
- Monitor public breach databases
- Track vendor-disclosed incidents
- Correlate breaches with vendor inventory
- Assess breach impact on data
- Generate breach impact reports
- Trigger incident response workflows
### Certificate Status Checking
- Monitor vendor SSL/TLS certificates
- Track certificate expiration dates
- Detect certificate issues
- Verify certificate chain validity
- Alert on upcoming expirations
- Check certificate transparency logs
### Dark Web Monitoring
- Monitor dark web for vendor exposures
- Detect leaked credentials
- Identify data for sale
- Track threat actor mentions
- Correlate with vendor risk profiles
- Generate exposure reports
### Risk Change Alerting
- Detect significant risk changes
- Correlate multiple risk signals
- Generate risk change notifications
- Escalate critical changes
- Update vendor risk profiles
- Trigger reassessment workflows
### Monitoring Report Generation
- Generate continuous monitoring reports
- Create executive dashboards
- Produce trend analysis
- Build risk heat maps
- Export data for GRC systems
- Support board reporting
## Monitoring Sources
| Source Type | Examples | Data Type |
|-------------|----------|-----------|
| Security Ratings | BitSight, SecurityScorecard | Posture scores |
| Breach Databases | HaveIBeenPwned, DataBreaches.net | Incident data |
| Certificate Monitors | SSL Labs, crt.sh | Certificate status |
| Dark Web | Various feeds | Exposure data |
| News/Alerts | Security news feeds | Incident reports |
| Regulatory | SEC filings, regulatory actions | Compliance events |
## Risk Signals Monitored
- Security rating changes
- New vulnerability disclosures
- Data breach announcements
- Certificate issues
- Domain security problems
- DNS configuration issues
- Email security posture
- Network security indicators
- Patching cadence
- Open ports and services
## Integrations
- **BitSight**: Security ratings platform
- **SecurityScorecard**: Security ratings and benchmarks
- **RiskRecon**: Third-party risk monitoring
- **Black Kite**: Cyber risk ratings
- **UpGuard**: Third-party risk monitoring
- **Recorded Future**: Threat intelligence
## Target Processes
- Third-Party Vendor Security Assessment
- Continuous Compliance Monitoring
- Vendor Risk Management
- Supply Chain Security
## Input Schema
```json
{
"type": "object",
"properties": {
"operation": {
"type": "string",
"enum": ["monitor", "check-ratings", "check-breaches", "check-certificates", "generate-report", "configure-alerts"],
"description": "Monitoring operation type"
},
"vendors": {
"type": "array",
"items": {
"type": "object",
"properties": {
"vendorId": { "type": "string" },
"vendorName": { "type": "string" },
"domain": { "type": "string" },
"riskTier": { "type": "string" }
}
},
"description": "Vendors to monitor"
},
"monitoringScope": {
"type": "array",
"items": {
"type": "string",
"enum": ["ratings", "breaches", "certificates", "dark-web", "news", "regulatory"]
}
},
"alertThresholds": {
"type": "object",
"properties": {
"ratingDropThreshold": { "type": "number" },
"minimumRating": { "type": "number" },
"certificateExpiryDays": { "type": "integer" }
}
},
"reportingPeriod": {
"type": "object",
"properties": {
"startDate": { "type": "string", "format": "date" },
"endDate": { "type": "string", "format": "date" }
}
},
"notificationChannels": {
"type": "array",
"items": { "type": "string" }
}
},
"required": ["operation"]
}
```
## Output Schema
```json
{
"type": "object",
"properties": {
"monitoringId": {
"type": "string"
},
"operation": {
"type": "string"
},
"timestamp": {
"type": "string",
"format": "date-time"
},
"vendorsMonitored": {
"type": "integer"
},
"ratingsSummary": {
"type": "object",
"properties": {
"vendorsWithRatings": { "type": "integer" },
"averageRating": { "type": "number" },
"belowThreshold": { "type": "integer" },
"ratingChanges": {
"type": "array",
"items": {
"type": "object",
"properties": {
"vendorId": { "type": "string" },
"previousRating": { "type": "number" },
"currentRating": { "type": "number" },
"change": { "type": "number" },
"changeDate": { "type": "string" }
}
}
}
}
},
"breachAlerts": {
"type": "array",
"items": {
"type": "object",
"properties": {
"vendorId": { "type": "string" },
"vendorName": { "type": "string" },
"breachDate": { "type": "string" },
"description": { "type": "string" },
"dataTypes": { "type": "array" },
"recordsAffected": { "type": "integer" },
"source": { "type": "string" }
}
}
},
"certificateAlerts": {
"type": "array",
"items": {
"type": "object",
"properties": {
"vendorId": { "type": "string" },
"domain": { "type": "string" },
"issue": { "type": "string" },
"expirationDate": { "type": "string" },
"daysUntilExpiry": { "type": "integer" }
}
}
},
"darkWebFindings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"vendorId": { "type": "string" },
"findingType": { "type": "string" },
"description": { "type": "string" },
"discoveryDate": { "type": "string" },
"severity": { "type": "string" }
}
}
},
"riskChanges": {
"type": "array",
"items": {
"type": "object",
"properties": {
"vendorId": { "type": "string" },
"vendorName": { "type": "string" },
"previousRiskLevel": { "type": "string" },
"currentRiskLevel": { "type": "string" },
"triggers": { "type": "array" },
"recommendedAction": { "type": "string" }
}
}
},
"alertsSent": {
"type": "integer"
},
"recommendations": {
"type": "array",
"items": { "type": "string" }
},
"reportPath": {
"type": "string"
}
}
}
```
## Usage Example
```javascript
skill: {
name: 'vendor-risk-monitor',
context: {
operation: 'monitor',
vendors: [
{ vendorId: 'v001', vendorName: 'Cloud Provider', domain: 'cloudprovider.com', riskTier: 'critical' }
],
monitoringScope: ['ratings', 'breaches', 'certificates'],
alertThresholds: {
ratingDropThreshold: 10,
minimumRating: 700,
certificateExpiryDays: 30
}
}
}
```Related Skills
vendor-security-questionnaire
509
from a5c-ai/babysitter
Automated vendor security assessment through questionnaire generation, response parsing, and risk scoring
risk-mitigation-planning
509
from a5c-ai/babysitter
Develop comprehensive risk management plans for collections and cultural venues including disaster preparedness, security protocols, and insurance coordination
use-related-risk-analyzer
509
from a5c-ai/babysitter
Use-related risk analysis skill for identifying hazards associated with user interaction per IEC 62366-1
iso14971-risk-analyzer
509
from a5c-ai/babysitter
Comprehensive risk management skill implementing ISO 14971:2019 methodology for medical device risk analysis
cybersecurity-risk-assessor
509
from a5c-ai/babysitter
Medical device cybersecurity risk assessment skill per FDA premarket and postmarket guidance
vendor-risk-scorer
509
from a5c-ai/babysitter
Comprehensive supplier risk scoring skill with multi-dimensional risk assessment
supply-chain-risk-assessor
509
from a5c-ai/babysitter
Comprehensive supply chain risk identification and assessment skill with heat mapping
early-warning-monitor
509
from a5c-ai/babysitter
Continuous supplier and supply chain risk monitoring with automated alerts
media-monitoring
509
from a5c-ai/babysitter
Deep integration with media monitoring platforms for coverage tracking, sentiment analysis, and reporting
vendor-scorecard
509
from a5c-ai/babysitter
Evaluate and track vendor performance using scorecards and metrics
fraud-risk-assessor
509
from a5c-ai/babysitter
Fraud risk assessment skill based on the fraud triangle with red flag detection
debt-covenant-monitor
509
from a5c-ai/babysitter
Automated covenant compliance monitoring and calculation skill with early warning alerts