when-setting-network-security-use-network-security-setup
Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables for secure network communication.
Best use case
when-setting-network-security-use-network-security-setup is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables for secure network communication.
Teams using when-setting-network-security-use-network-security-setup should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/when-setting-network-security-use-network-security-setup/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How when-setting-network-security-use-network-security-setup Compares
| Feature / Agent | when-setting-network-security-use-network-security-setup | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables for secure network communication.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Network Security Setup SOP
```yaml
metadata:
skill_name: when-setting-network-security-use-network-security-setup
version: 1.0.0
category: specialized-tools
difficulty: intermediate
estimated_duration: 25-45 minutes
trigger_patterns:
- "network security"
- "configure network isolation"
- "trusted domains"
- "firewall rules"
- "network access control"
dependencies:
- Claude Code sandbox
- Network configuration access
agents:
- security-manager
- cicd-engineer
success_criteria:
- Trusted domains configured
- Access policies implemented
- Environment variables set
- Network tests passing
- Documentation complete
```
## Overview
Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables for secure network communication.
## Agent Responsibilities
### security-manager
- Design network security architecture
- Define trusted domains and policies
- Validate security configurations
- Create security documentation
### cicd-engineer
- Implement network configurations
- Deploy firewall rules
- Setup environment variables
- Create monitoring tools
## Phase 1: Audit Network Requirements
Identify required network access, external dependencies, and security constraints.
```bash
mkdir -p network-security/{policies,config,tests,docs}
# Document network requirements
cat > network-security/docs/NETWORK-REQUIREMENTS.md << 'EOF'
# Network Access Requirements
## External Dependencies
- Anthropic API (api.anthropic.com)
- GitHub (github.com, *.github.com)
- NPM Registry (npmjs.org)
- PyPI (pypi.org)
- Docker Hub (docker.io)
## Required Ports
- Outbound: 80 (HTTP), 443 (HTTPS), 22 (SSH)
- Inbound: 3000, 5000, 8000, 8080 (Application)
## Protocols
- Allowed: HTTP/HTTPS, SSH, Git
- Blocked: FTP, Telnet, SMTP
## Rate Limits
- 100 requests/minute
- Burst: 150 requests
EOF
```
## Phase 2: Design Security Policies
Create comprehensive network security policies with allow/deny rules.
```bash
cat > network-security/policies/network-policy.json << 'EOF'
{
"network_security": {
"mode": "whitelist",
"trusted_domains": [
"*.anthropic.com",
"api.openai.com",
"github.com",
"*.github.com",
"raw.githubusercontent.com",
"npmjs.org",
"registry.npmjs.org",
"pypi.org",
"files.pythonhosted.org",
"docker.io",
"registry-1.docker.io"
],
"blocked_domains": [
"*.malicious.com",
"suspicious.net"
],
"allowed_ports": {
"outbound": [80, 443, 22],
"inbound": [3000, 5000, 8000, 8080]
},
"rate_limiting": {
"enabled": true,
"requests_per_minute": 100,
"burst": 150
},
"dns_filtering": {
"enabled": true,
"block_private_ips": true,
"block_localhost_bypass": true
}
}
}
EOF
```
## Phase 3: Implement Network Isolation
Deploy firewall rules, DNS filtering, and access controls.
```bash
cat > network-security/config/configure-network.sh << 'EOF'
#!/bin/bash
set -e
echo "Configuring network security..."
# Configure firewall (iptables)
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 3000 -j ACCEPT
iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
# DNS filtering
cat >> /etc/hosts << 'HOSTS'
127.0.0.1 malicious.com
127.0.0.1 suspicious.net
HOSTS
# Environment variables
cat > /etc/environment.d/network-security.conf << 'ENV'
HTTPS_PROXY=""
NO_PROXY="localhost,127.0.0.1"
TRUSTED_DOMAINS="anthropic.com,github.com,npmjs.org,pypi.org,docker.io"
ENV
echo "Network security configured"
EOF
chmod +x network-security/config/configure-network.sh
```
## Phase 4: Test Access Controls
Validate network policies through comprehensive testing.
```bash
cat > network-security/tests/network-tests.sh << 'EOF'
#!/bin/bash
echo "Testing Network Security..."
# Test trusted domain access
curl -s --max-time 5 https://api.anthropic.com && echo "✓ Trusted domain accessible"
# Test blocked domain
! curl -s --max-time 5 https://malicious.com && echo "✓ Blocked domain inaccessible"
# Test allowed ports
nc -zv localhost 3000 && echo "✓ Port 3000 accessible"
echo "Network tests complete"
EOF
chmod +x network-security/tests/network-tests.sh
```
## Phase 5: Document Configuration
Create comprehensive documentation for network security setup.
```bash
cat > network-security/docs/DEPLOYMENT.md << 'EOF'
# Network Security Deployment
## Quick Start
1. Review requirements
2. Deploy configuration: `./network-security/config/configure-network.sh`
3. Test policies: `./network-security/tests/network-tests.sh`
4. Monitor: Check logs for violations
## Trusted Domains
- Anthropic API
- GitHub
- NPM/PyPI
- Docker Hub
## Monitoring
- Connection logs: `/var/log/connections.log`
- Firewall logs: `/var/log/firewall.log`
- DNS queries: `/var/log/dns.log`
## Maintenance
- Review monthly
- Update trusted domains as needed
- Audit logs weekly
EOF
```
## Workflow Summary
**Duration:** 25-45 minutes
**Deliverables:**
- Network security policies
- Firewall configuration
- DNS filtering
- Test suite
- Documentation
## Best Practices
1. **Whitelist Approach**: Deny by default
2. **Least Privilege**: Minimal access
3. **Regular Testing**: Weekly validation
4. **Continuous Monitoring**: Real-time logs
5. **Documentation**: Keep updatedRelated Skills
websocket-handler-setup
Websocket Handler Setup - Auto-activating skill for Backend Development. Triggers on: websocket handler setup, websocket handler setup Part of the Backend Development skill category.
vpc-network-setup
Vpc Network Setup - Auto-activating skill for GCP Skills. Triggers on: vpc network setup, vpc network setup Part of the GCP Skills skill category.
vpc-network-designer
Vpc Network Designer - Auto-activating skill for AWS Skills. Triggers on: vpc network designer, vpc network designer Part of the AWS Skills skill category.
tensorflow-serving-setup
Tensorflow Serving Setup - Auto-activating skill for ML Deployment. Triggers on: tensorflow serving setup, tensorflow serving setup Part of the ML Deployment skill category.
setting-up-synthetic-monitoring
This skill automates the setup of synthetic monitoring for applications. It allows Claude to proactively track performance and availability by configuring uptime, transaction, and API monitoring. Use this skill when the user requests to "set up synthetic monitoring", "configure uptime monitoring", "track application performance", or needs help with "proactive performance tracking". The skill helps to identify critical endpoints and user journeys, design monitoring scenarios, and configure alerts and dashboards.
sqs-queue-setup
Sqs Queue Setup - Auto-activating skill for AWS Skills. Triggers on: sqs queue setup, sqs queue setup Part of the AWS Skills skill category.
spy-setup-helper
Spy Setup Helper - Auto-activating skill for Test Automation. Triggers on: spy setup helper, spy setup helper Part of the Test Automation skill category.
spike-test-setup
Spike Test Setup - Auto-activating skill for Performance Testing. Triggers on: spike test setup, spike test setup Part of the Performance Testing skill category.
sla-monitor-setup
Sla Monitor Setup - Auto-activating skill for Enterprise Workflows. Triggers on: sla monitor setup, sla monitor setup Part of the Enterprise Workflows skill category.
setting-up-log-aggregation
Execute use when setting up log aggregation solutions using ELK, Loki, or Splunk. Trigger with phrases like "setup log aggregation", "deploy ELK stack", "configure Loki", or "install Splunk". Generates production-ready configurations for data ingestion, processing, storage, and visualization with proper security and scalability.
setting-up-experiment-tracking
Implement machine learning experiment tracking using MLflow or Weights & Biases. Configures environment and provides code for logging parameters, metrics, and artifacts. Use when asked to "setup experiment tracking" or "initialize MLflow". Trigger with relevant phrases based on skill purpose.
setting-up-distributed-tracing
Execute this skill automates the setup of distributed tracing for microservices. it helps developers implement end-to-end request visibility by configuring context propagation, span creation, trace collection, and analysis. use this skill when the user re... Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.