
fastly-ngwaf

Performs an internal audit of Fastly Next-Gen WAF (NGWAF) workspaces to verify that critical templated protection rules are configured and enabled. Use when auditing NGWAF workspace security posture, checking for missing or disabled login protection rules (LOGINDISCOVERY, LOGINATTEMPT, LOGINSUCCESS, LOGINFAILURE), auditing credit card validation rules (CC-VAL-ATTEMPT, CC-VAL-FAILURE, CC-VAL-SUCCESS), auditing gift card protection rules (GC-VAL-ATTEMPT, GC-VAL-FAILURE, GC-VAL-SUCCESS), or identifying potential login endpoints not covered by NGWAF rules.

96

1.29x
Quality

96%

Does it follow best practices?

Impact

96%

1.29x

Average score across 3 eval scenarios

Security by Snyk

Advisory

Suggest reviewing before use


Evaluation results

100%

47%

NGWAF Security Audit Script

NGWAF full workspace audit script

| Criteria | Without context | With context |
| --- | --- | --- |
| List workspaces endpoint | 62% | 100% |
| Fetch rules endpoint | 62% | 100% |
| Fastly-Key auth header | 100% | 100% |
| FASTLY_API_KEY env var | 100% | 100% |
| Login signals coverage | 20% | 100% |
| CC signals coverage | 0% | 100% |
| GC signals coverage | 0% | 100% |
| Section labels in output | 25% | 100% |
| ENABLED / NOT CONFIGURED / IS DISABLED states | 12% | 100% |
| jq for JSON parsing | 100% | 100% |
| Missing jq error handling | 100% | 100% |
| Missing FASTLY_API_KEY error | 100% | 100% |
| API failure error handling | 100% | 100% |

90%

4%

Generate an NGWAF Audit Report from Captured API Data

Audit report from offline API data

| Criteria | Without context | With context |
| --- | --- | --- |
| Per-workspace sections | 100% | 100% |
| LOGIN section label | 100% | 100% |
| CC section label | 71% | 100% |
| GC section label | 71% | 71% |
| ENABLED status | 100% | 100% |
| NOT CONFIGURED label | 100% | 100% |
| IS DISABLED label | 100% | 100% |
| LOGINDISCOVERY CRITICAL | 16% | 33% |
| Login endpoint gap note | 100% | 100% |
| Remediation recommendations | 100% | 100% |
| All signals checked | 100% | 100% |
| Output file created | 100% | 100% |

100%

16%

Login Endpoint Exposure Check for NGWAF Workspaces

Login endpoint gap discovery script

| Criteria | Without context | With context |
| --- | --- | --- |
| All four login signals checked | 50% | 100% |
| LOGINATTEMPT triggers endpoint search | 100% | 100% |
| Requests API endpoint | 80% | 100% |
| POST method filter | 87% | 100% |
| Login path filter | 90% | 100% |
| Time window filter | 75% | 100% |
| sort \| uniq -c deduplication | 100% | 100% |
| Fastly-Key auth header | 100% | 100% |
| jq JSON parsing | 100% | 100% |
| Missing jq handling | 100% | 100% |
| Missing FASTLY_API_KEY handling | 100% | 100% |
| LOGINDISCOVERY CRITICAL note | 0% | 100% |

Repository: fastly/fastly-agent-toolkit
Evaluated
Agent: Claude Code
Model: Claude Sonnet 4.6
