Skip to content

CyberICS0lutionS/ot-tabletop-skills

BranchesTags

Repository files navigation

CyberICS OT/ICS Tabletop Skills

Agent Skills for operational technology (OT) and industrial control system (ICS) cybersecurity practitioners.

agentskills.io License: MIT

Published by CyberICS Solutions — the OT/ICS tabletop exercise and compliance readiness platform for critical infrastructure.

What's in this repo

Seven skills covering the full OT/ICS tabletop exercise lifecycle — from running an exercise, through incident response, to regulatory compliance mapping.

Skill What it does
ot-tabletop-facilitator Run a complete OT/ICS tabletop exercise with structured phases, injects, hotwash, and gap capture
ot-incident-response-workflow Guide an OT/ICS incident through 6 operational phases: Scoping → Detection → Containment → Eradication → Recovery → Notification
ics-attack-mapper Map threats and scenarios to MITRE ATT&CK for ICS tactics and techniques
ot-gap-analyzer Identify and score OT security capability gaps from exercise outcomes
ot-compliance-mapper Map gaps to NERC CIP, NIS2, IEC 62443, CMMC 2.0, CISA CPG, and NIST SP 800-82 controls
purdue-model-reviewer Review network architecture against the Purdue Model, identify segmentation gaps
ot-aar-generator Generate structured After-Action Reviews with gap findings and compliance implications

Quick install

Claude Code

/skills install https://github.com/cyberics/ot-tabletop-skills

VS Code / GitHub Copilot

Copy the skill folder(s) into .agents/skills/ in your project.

Any agentskills.io-compatible agent

Skills follow the agentskills.io open standard. Drop any skill folder into your agent's configured skills directory.

Who these skills are for

  • OT/ICS security teams at energy, water, manufacturing, transportation, and critical infrastructure organizations
  • MSSPs and consultants facilitating tabletop exercises for industrial clients
  • Compliance teams mapping exercise evidence to NERC CIP, NIS2, IEC 62443, CMMC 2.0, or CISA CPG
  • AI-assisted practitioners using coding agents (Claude, Copilot, Gemini CLI, Cursor, etc.) in their security workflow

Platform integration

These skills are designed to work standalone or with the CyberICS platform for:

  • A library of 335+ pre-built OT/ICS scenarios across 24 sectors and 6 languages
  • AI-generated After-Action Reviews and gap analysis
  • Compliance evidence packages (NIS2, NERC CIP, IEC 62443, CMMC 2.0, ISO 27001, HIPAA)
  • Live session hosting with real-time participant injects

Contributing

Corrections, new scenarios, sector-specific gotchas, and regulatory updates are welcome. Open an issue or PR.

License

MIT — see LICENSE. Platform API calls require a CyberICS account.

About

7 OT/ICS tabletop exercise skills for AI agents — follows agentskills.io spec. Compatible with Claude Code, GitHub Copilot, Cursor, VS Code, Gemini CLI, and 30+ agent platforms.

Topics

cybersecurity scada critical-infrastructure ics-security ai-agent nis2 ot-security iec-62443 nerc-cip agentskills tabletop-exercise

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors