A reusable AI-assistant skill that assesses, reports, and helps remediate the hardening posture of Check Point Security Gateways and Management Servers. It is designed to run inside an AI agent (e.g. OpenCode / Claude) alongside the Check Point MCP servers, grounding every recommendation in official Check Point documentation and live-environment evidence.
The skill produces compliance reports, evidence packages, remediation plans, and safe
out-of-band implementation artifacts (mgmt_cli command sets, Gaia clish blocks, Gaia API
payloads, SmartConsole runbooks) — without making live changes unless explicitly approved.
- Versions in scope: R81.20, R82, R82.10
- Controls: 24 hardening controls (`CP-HARD-*`) across 12 domains
- Default posture: read-only assessment; remediation delivered as reviewable artifacts
- Format: Agent Skills compatible — each `SKILL.md` carries YAML frontmatter (`name` + `description`), so it loads in Claude (Desktop/Code) and opencode
Pick a variant first. For most users, start with Standard:
```bash
cd skills/check-point-hardening
cp variants/SKILL.standard.md SKILL.md
```

Then install the skill into the harness-specific skills directory.
| Harness | Skills directory | Install commands | Notes |
|---|---|---|---|
| Claude Code / Claude Desktop style setups | `~/.claude/skills/check-point-hardening/` | `mkdir -p ~/.claude/skills/check-point-hardening`<br>`cp skills/check-point-hardening/SKILL.md ~/.claude/skills/check-point-hardening/SKILL.md` | If your Claude install uses a different skills directory, copy the same final `SKILL.md` there instead. |
| opencode | `~/.config/opencode/skills/check-point-hardening/` | `mkdir -p ~/.config/opencode/skills/check-point-hardening`<br>`cp skills/check-point-hardening/SKILL.md ~/.config/opencode/skills/check-point-hardening/SKILL.md` | Uses the same `SKILL.md` payload and YAML frontmatter format. |
| Other Agent Skills harnesses | Harness-specific | Copy the active `SKILL.md` into a folder named `check-point-hardening` under that harness's skills directory. | Requires YAML-frontmatter-based skills support and separate Check Point MCP configuration. |
Minimum requirements:
- The file must be named exactly `SKILL.md`
- The folder name should match the skill name: `check-point-hardening`
- The harness must support YAML-frontmatter-based skills
- The Check Point MCP servers must be configured separately in that harness
After installation, try one of these prompts:
- Create a Check Point hardening report for my R82 management server.
- Check this gateway's Gaia OS hardening with gw-cli.
- Compare our SmartConsole trusted-clients configuration to Check Point recommendations.
- Generate out-of-band commands to implement a stealth rule.
```
cp-hardening-skill/
├── README.md                       ← you are here
├── PROMPT.md                       original skill specification / design brief
└── skills/
    └── check-point-hardening/
        ├── SKILL.md                ACTIVE skill (Full variant by default)
        └── variants/
            ├── SKILL.standard.md   Standard variant (~39% smaller)
            └── SKILL.lite.md       Lite variant (~71% smaller)
```
The skill loader discovers the skill by the file named exactly SKILL.md inside
skills/check-point-hardening/. The files under variants/ are deliberately not named
SKILL.md, so they are not auto-discovered as separate skills — they are alternate payloads
you can swap in.
When activated, the skill guides the assistant through a grounded assessment workflow:
- Scope the target (product type, version, topology, criticality, compliance framework).
- Ground each control in the documentation MCP (official guidance, version applicability, caveats).
- Discover the environment with the live MCP servers (read-only).
- Map findings to control IDs with evidence, status, severity, and risk.
- Report posture (executive summary, control matrix, evidence appendix, roadmap).
- Plan remediation (per-control fix, validation, rollback, lockout/outage risk).
- Generate artifacts (dry-run scripts and API calls, out-of-band by default).
Gateway exposure (stealth/implied rules) · management-plane protection · administrator identity & access (MFA, trusted clients, roles) · third-party integration credentials · updates/JHF/health · Gaia OS hardening · dynamic routing (BGP/OSPF) · SNMPv3 · Expert mode governance · logging & audit / SIEM forwarding · LOM / out-of-band management · advanced hardening for high-security environments.
| MCP Server | Role |
|---|---|
| documentation MCP | Authoritative source of official guidance (used first; always cited) |
| management MCP | Management-plane discovery: gateways, policy, rules, admins, profiles, trusted clients, integrations |
| management logs MCP | Log/audit evidence: admin logins, failed logins, policy installs, stealth/implied rule hits |
| gw-cli MCP | Primary Gaia/gateway-local evidence: version/JHF, users/shells, allowed-client, SNMP, routing, syslog, NTP/DNS |
| threat-prevention MCP | IPS / Anti-Bot / Anti-Virus policy and update posture |
| HTTPS inspection MCP | Only when scope touches HTTPS inspection policy, certificates, or control-plane exposure |
- Default: all Check Point MCP servers are treated as read-only.
- Remediation: delivered as out-of-band artifacts for human review — never auto-executed.
- Execution: only through a confirmed write-capable path and with explicit user approval.
This model is the reason the skill is safe to point at production management servers: it assesses and prepares, but does not act, by default.
All three variants cover the same 24 controls and the same safety and anti-slop guardrails. They differ only in how much explanatory prose and per-domain detail they carry. Variant size matters because the skill payload loads into context every time it activates.
| Variant | File | Lines | ~Tokens | Best for |
|---|---|---|---|---|
| Full | `skills/check-point-hardening/SKILL.md` | ~1029 | ~15.7K | Formal/audit engagements, operator training, maximum per-domain detail, richest templates |
| Standard | `variants/SKILL.standard.md` | ~370 | ~9.6K | Day-to-day assessments; full domain coverage and all guardrails, duplication removed (~39% smaller) |
| Lite | `variants/SKILL.lite.md` | ~142 | ~4.6K | Token-constrained sessions, quick checks, running alongside other skills (~71% smaller) |
Token figures are estimates (~4 bytes/token).
| Element | Full | Standard | Lite |
|---|---|---|---|
| 24 control IDs + severities | ✅ | ✅ | ✅ |
| Severity model + posture scoring | ✅ full | ✅ full | ✅ condensed |
| MCP capability model (read-only / out-of-band / execution) | ✅ | ✅ | ✅ |
| All 12 hardening domains | ✅ Assess/Evidence/Remediation per domain | ✅ compact per domain | ✅ one dense line per domain |
| Safety + script generation rules | ✅ | ✅ | ✅ condensed |
| Anti-slop guardrails + stop conditions | ✅ | ✅ | ✅ condensed |
| Standalone + MDS scoping notes | ✅ | ✅ | ✅ |
| Output templates | ✅ full code blocks | ✅ full code blocks | ✅ column lists only |
| Control Definition Template (all status criteria) | ✅ table | ✅ inline | ✅ inline |
| Compliance / version / validation sections | ✅ | ✅ | ✅ condensed |
| Repeated MCP "which server does what" (×4 in Full) | present | merged to 1 table + workflow | merged to 1 table |
| Repeated read-only / out-of-band caveats | many | stated once, referenced | stated once |
Nothing safety-relevant or control-relevant is dropped in any variant. Lite trims worked examples, prose explanation, and template verbosity — not rules.
Recommendation: default to Standard for most engagements. Use Full for formal audits or operator training, and Lite when context budget is tight.
The loader uses the file named exactly SKILL.md. To switch variants, copy your choice over
SKILL.md (back up first):
```bash
cd skills/check-point-hardening
# back up the current active skill
cp SKILL.md SKILL.full.bak
# install Standard
cp variants/SKILL.standard.md SKILL.md
# or install Lite
cp variants/SKILL.lite.md SKILL.md
# restore Full
cp SKILL.full.bak SKILL.md
```

- Ensure the Check Point MCP servers (at minimum documentation and one live server such as management or gw-cli) are configured in your agent environment.
- Place this skill where your agent discovers skills, or point the agent at `skills/check-point-hardening/`.
- Activate it with a hardening request, for example:
  - "Create a Check Point hardening report for my R82 management server."
  - "Check this gateway's Gaia OS hardening with gw-cli."
  - "Compare our SmartConsole trusted-clients config to Check Point recommendations."
  - "Generate the commands to add a stealth rule (out-of-band, for review)."
The assistant will ground guidance in the documentation MCP, collect read-only evidence, and return a report plus reviewable remediation artifacts. It will stop and ask before anything that could cause lockout or outage, and before any execution path.
- Read-only assessment first; remediation as reviewable artifacts; execution only with an explicitly confirmed write-capable path and user approval.
- No invented commands or API fields — syntax is verified against the documentation MCP, or clearly labeled as a template to verify.
- No secrets (SIC keys, passwords, tokens, community strings) in reports.
- Access-impacting changes (disable implied rules, restrict management access, modify admins, change routing, restrict LOM) require explicit confirmation and impact validation.
- Anti-slop guardrails: every finding maps to a control ID, a source of truth, and concrete evidence; missing data becomes `Not Checked` / `Manual Review`, never implied compliance.
When you change a control, safety rule, or domain, apply it to all three files. Use this map to find the matching section in each variant:
| Concept | Full (`SKILL.md`) | Standard | Lite |
|---|---|---|---|
| Control IDs table | "Control Model → Control IDs" | "Control Model → Control IDs" | "Control IDs" |
| Control status criteria (incl. Not Checked / Manual Review) | "Control Definition Template" | "Control Definition Template" | paragraph after Control IDs table |
| Severity + scoring | "Severity and Risk Model" | "Severity and Risk Model" | "Severity & Scoring" |
| MCP access assumptions | "MCP Capability Model" | "MCP Capability Model" | "MCP Capability Model" |
| Which MCP for what | "MCP Role Clarification" + Phase 3 + Evidence Guide + Usage Pattern | "MCP Server Roles" (single) | "MCP Server Roles" (single) |
| Hardening domains | "Hardening Domains" (§1–12) | "Hardening Domains" (§1–12) | "Hardening Domains" (1–12) |
| Safety boundaries | "Non-Goals and Safety Boundaries" | "Non-Goals and Safety Boundaries" | "Safety Boundaries" |
| Script/command + gw-cli rules | "Script and Command Generation Rules" + "gw-cli MCP Safety Rules" | "Script and Command Generation Rules" (+ gw-cli subsection) | "Script & Command Rules" |
| Anti-slop + stop conditions | "Anti-Slop Guardrails" | "Anti-Slop Guardrails" | "Anti-Slop Guardrails" |
| Standalone / MDS notes | after Supported Products table | after pre-assessment table | "Scope Inputs" |
| Compliance / version / validation | three separate sections | three separate sections | "Tone, Compliance, Versions, Validation" |
- Control count identical across variants (currently 24) — verify with: `grep -oE 'CP-HARD-[A-Z]+-[0-9]+' <file> | sort -u | wc -l`
- Severity for a changed control matches in all three ID tables
- Scoring deduction values identical
- Any new safety/anti-slop rule added to all three
- No version-specific port/command numbers reintroduced as hard facts (must say "verify against documentation MCP")
- YAML frontmatter present in all three, with identical `name: check-point-hardening` (only `metadata.variant` differs) and `description` ≤ 1024 chars
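
The count and frontmatter items of this checklist can be scripted. The following is an added example, not part of the project: the function names are hypothetical, and it assumes single-line `key: value` frontmatter scalars. It goes one step beyond the `wc -l` count by comparing the ID sets themselves, since two variants can both report 24 while one carries a mistyped ID.

```bash
# Added example (not project code): cross-variant sync check for SKILL.md payloads.
# Function names are hypothetical; IDs follow the README's CP-HARD-* pattern.

# Unique control IDs in a file, one per line (same regex as the README's grep).
control_ids() {
  grep -oE 'CP-HARD-[A-Z]+-[0-9]+' "$1" | sort -u
}

# Value of a top-level frontmatter key. Assumes the file starts with '---' and
# uses single-line "key: value" scalars; this is not a full YAML parser.
frontmatter_value() {
  awk -v key="$2" '
    NR == 1 && !/^---[ \t]*$/ { exit }
    /^---[ \t]*$/ { fence++; if (fence == 2) exit; next }
    index($0, key ":") == 1 {
      sub("^" key ":[ \t]*", ""); gsub(/^"|"$/, ""); print; exit
    }
  ' "$1"
}

# check_sync REFERENCE VARIANT...: one line per problem, non-zero status if any.
check_sync() {
  ref="$1"; shift; problems=0
  ref_ids=$(control_ids "$ref")
  for f in "$ref" "$@"; do
    name=$(frontmatter_value "$f" name)
    desc=$(frontmatter_value "$f" description)
    if [ "$name" != "check-point-hardening" ]; then
      echo "$f: frontmatter name is '$name'"; problems=$((problems + 1))
    fi
    if [ -z "$desc" ] || [ "${#desc}" -gt 1024 ]; then
      echo "$f: description missing or over 1024 chars"; problems=$((problems + 1))
    fi
    # IDs that appear in only one of the two files. Equal counts can hide a
    # renamed or mistyped ID, so compare the sets rather than wc -l output.
    only_one=$(printf '%s\n%s\n' "$ref_ids" "$(control_ids "$f")" |
      sort | uniq -u | sed '/^$/d' | tr '\n' ' ')
    if [ -n "$only_one" ]; then
      echo "$f: control IDs not shared with $ref: $only_one"; problems=$((problems + 1))
    fi
  done
  [ "$problems" -eq 0 ]
}

# Usage: sh check_sync.sh SKILL.md variants/SKILL.standard.md variants/SKILL.lite.md
[ "$#" -eq 0 ] || check_sync "$@"
```

Severity and scoring-deduction parity still need a manual diff of the ID tables, because their layout differs between variants.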
- The authoritative source of truth is always the Check Point documentation MCP, not this repository. The hardening PDF and any cached guidance are bootstrap references only.
- `PROMPT.md` contains the original design brief used to generate the skill, kept for provenance and future regeneration.
- The skill intentionally avoids hard-coding version-specific ports, API fields, and command syntax as facts; those must be verified against the documentation MCP for the target release.
This project is an independent, community-built AI-assistant skill. It is not an official Check Point product and is not endorsed by or affiliated with Check Point Software Technologies Ltd. "Check Point", "Gaia", "SmartConsole", and related names are trademarks of their respective owners and are used here for descriptive purposes only.
The skill generates assessments and remediation suggestions that must be reviewed by a qualified administrator before use. Always validate guidance against official Check Point documentation and test changes in a non-production environment first. The authors accept no liability for outages, lockouts, or misconfigurations resulting from its use.
Contributions are welcome. Please read CONTRIBUTING.md — in particular the rule that changes must be applied across all three skill variants and must keep the control counts in sync.
Released under the MIT License. © 2026 Christian Sandberg.