Headless Cloud Security Release Notes
Headless Cloud Security is available in Public Beta. Contact your Sysdig representative for more information.
0.1.0 May 06, 2026
Sysdig Headless Cloud Security (Public Beta)
Sysdig Headless Cloud Security packages Sysdig cloud security workflows as reusable agent skills that run inside AI coding agents such as Claude Code. The integration enables users to onboard environments, investigate vulnerabilities and runtime threats, remediate risks, and manage posture workflows without leaving their AI environment.
Install in Claude Code
/plugin marketplace add sysdig/skills/plugin install headless-cloud-security@sysdig-skills
New Skills
sysdig-onboarding
Added the sysdig-onboarding skill for onboarding cloud accounts and Kubernetes clusters into Sysdig Secure.
The skill can:
- Guide you through onboarding interactively or through an autonomous workflow
- Generate Terraform configurations for cloud account onboarding
- Generate Helm values for Kubernetes onboarding
- Validate prerequisites
- Deploy onboarding configurations
- Verify connectivity after deployment
sysdig-investigate
Added the sysdig-investigate skill for identifying and prioritizing vulnerable container images in Sysdig-monitored environments.
The skill can:
- Rank vulnerable images using configurable risk metrics
- Generate remediation plans
- Create tracking tickets in Jira, Linear, or GitHub Projects
- Recommend assignees using Sysdig risk and exposure signals
- Hand off remediation workflows to
sysdig-remediate
sysdig-remediate
Added the sysdig-remediate skill for remediating vulnerable container images.
The skill can:
- Retrieve Critical and High CVEs from Sysdig
- Identify safe fix versions through dependency chain analysis
- Generate minimal remediation patches
- Open pull requests or merge requests in GitHub or GitLab
- Generate
.patchfiles for local repositories - Persist image-to-repository mappings and reviewer history across sessions
sysdig-posture
Added the sysdig-posture skill for authoring Sysdig Secure Posture custom controls and policies.
The skill supports:
- Rego-based custom control authoring
- Custom policy creation
- Terraform generation using the Sysdig Terraform provider
- Rego validation
- Policy and control discovery workflows
API access is read-only. All configuration changes are managed through Terraform.
sysdig-runtime-investigate
Added the sysdig-runtime-investigate skill for investigating runtime threats detected by Sysdig.
The skill can:
- Identify the highest-priority runtime threat
- Enumerate affected container images
- Correlate runtime activity with vulnerabilities
- Analyze network blast radius
- Perform VirusTotal lookups for suspicious binaries
- Escalate investigations to Jira or PagerDuty workflows
Known Issues
- The
sysdig-onboardingskill is currently optimized for AWS environments. Expanded Azure and GCP support is planned for upcoming releases. - Claude Code is the primary supported AI coding agent, and the skills are optimized for its capabilities.
- Other MCP-compatible agents, including Cursor, OpenAI Codex, and OpenCode, can use the skills through the
npx skillsCLI command, but are not officially supported at this time.
