CtrlK
BlogDocsLog inGet started
Tessl Logo

fastly-ngwaf

Performs an internal audit of Fastly Next-Gen WAF (NGWAF) workspaces to audit that critical templated protection rules are configured and enabled. Use when auditing NGWAF workspace security posture, checking for missing or disabled login protection rules (LOGINDISCOVERY, LOGINATTEMPT, LOGINSUCCESS, LOGINFAILURE), auditing credit card validation rules (CC-VAL-ATTEMPT, CC-VAL-FAILURE, CC-VAL-SUCCESS), auditing gift card protection rules (GC-VAL-ATTEMPT, GC-VAL-FAILURE, GC-VAL-SUCCESS), or identifying potential login endpoints not covered by NGWAF rules.

73

2.82x
Quality

60%

Does it follow best practices?

Impact

96%

2.82x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/fastly-ngwaf/SKILL.md
SKILL.md
Quality
Evals
Security

Evaluation results

100%

90%

Automate Fastly NGWAF Security Compliance Checking

Write NGWAF audit script

Criteria
Without context
With context

Fastly-Key header

0%

100%

FASTLY_API_KEY env var

100%

100%

Workspace list endpoint

0%

100%

Rules list endpoint

0%

100%

Limit=200 parameter

0%

100%

Login signal coverage

0%

100%

CC-VAL signal coverage

0%

100%

GC-VAL signal coverage

0%

100%

LOGINDISCOVERY critical flag

0%

100%

Login path discovery

50%

100%

90%

23%

NGWAF Configuration Security Gap Analysis

Audit report from captured API data

Criteria
Without context
With context

Login signal audit

100%

100%

CC-VAL signal audit

61%

100%

GC-VAL signal audit

61%

100%

LOGINDISCOVERY critical

14%

100%

Disabled vs missing distinction

100%

100%

Configure recommendation

100%

100%

Enable recommendation

100%

100%

LOGINATTEMPT path note

25%

37%

Login path POST specifics

0%

0%

Both workspaces analyzed

100%

100%

100%

74%

Fastly NGWAF Security Audit Runbook

NGWAF audit runbook documentation

Criteria
Without context
With context

Login rule names

20%

100%

CC-VAL rule names

0%

100%

GC-VAL rule names

0%

100%

LOGINDISCOVERY critical severity

0%

100%

Enabled-status check

100%

100%

LOGINATTEMPT path discovery step

0%

100%

Fastly-Key authentication

0%

100%

Workspace-first workflow

100%

100%

Configure vs enable remediation

100%

100%

API pagination note

0%

100%

Repository
fastly/fastly-agent-toolkit
Commit

e0f4205

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

Automate Fastly NGWAF Security Compliance CheckingNGWAF Configuration Security Gap AnalysisFastly NGWAF Security Audit Runbook

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill