zero-trust

Zero Trust architecture principles including ZTNA, micro-segmentation, identity-first security, continuous verification, and BeyondCorp patterns. Use when designing network security, implementing identity-based access, or building cloud-native applications with zero trust principles.

Marketplace: melodic-software (melodic-software/claude-code-plugins)

Plugin: security

Repository: melodic-software/claude-code-plugins (Verified Org, 13 stars)

plugins/security/skills/zero-trust/SKILL.md

Last Verified: January 21, 2026

Install Skill

npx add-skill https://github.com/melodic-software/claude-code-plugins/blob/main/plugins/security/skills/zero-trust/SKILL.md -a claude-code --skill zero-trust

Installation paths:

Claude: .claude/skills/zero-trust/

Instructions

# Zero Trust Architecture

## Overview

Zero Trust is a security model that assumes no implicit trust based on network location. Every access request is fully authenticated, authorized, and encrypted regardless of origin.

**Keywords:** zero trust, ZTNA, micro-segmentation, identity-first, continuous verification, BeyondCorp, never trust always verify, least privilege, mTLS, service mesh, identity proxy

## When to Use This Skill

- Designing network security architecture
- Implementing identity-based access control
- Setting up micro-segmentation
- Configuring service-to-service authentication
- Building BeyondCorp-style access
- Implementing continuous verification
- Designing cloud-native security

## Zero Trust Principles

| Principle | Description | Implementation |
| --- | --- | --- |
| **Never Trust, Always Verify** | No implicit trust based on network | Authenticate every request |
| **Least Privilege** | Minimum necessary access | Role-based, time-limited access |
| **Assume Breach** | Design for compromise | Micro-segmentation, blast radius reduction |
| **Verify Explicitly** | All signals for authorization | Identity, device, location, behavior |
| **Continuous Verification** | Don't trust past authentication | Session validation, risk-based re-auth |
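
The principles in the table above, expressed as a single policy decision function. This is an added example, not part of the skill or the melodic-software repository; the field names, risk weights and thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# All field names, weights and thresholds here are illustrative assumptions.
@dataclass(frozen=True)
class Grant:
    role: str
    resource: str
    expires_at: float        # time-limited access (Least Privilege)

@dataclass(frozen=True)
class Request:
    user: str
    resource: str
    token_valid: bool        # identity proven on this request
    device_compliant: bool   # device posture signal
    known_location: bool     # location signal
    anomaly_score: float     # behavior signal, 0.0 (normal) to 1.0 (anomalous)
    last_auth_at: float      # time of the user's last authentication
    now: float

MAX_SESSION_AGE = 8 * 3600   # seconds before re-authentication is forced
STEP_UP_RISK = 0.4
DENY_RISK = 0.8

def risk(req: Request) -> float:
    """Combine device, location and behavior signals into a score in [0, 1]."""
    score = 0.5 * req.anomaly_score
    score += 0.0 if req.known_location else 0.2
    score += 0.0 if req.device_compliant else 0.3
    return min(score, 1.0)

def decide(req: Request, grants: dict) -> str:
    """Return 'allow', 'step_up' (re-authenticate) or 'deny' for one request."""
    # Never trust, always verify: network origin is not an input at all.
    if not req.token_valid:
        return "deny"
    # Least privilege: require an unexpired grant for this exact resource.
    live = [g for g in grants.get(req.user, [])
            if g.resource == req.resource and g.expires_at > req.now]
    if not live:
        return "deny"
    r = risk(req)
    if r >= DENY_RISK:
        return "deny"
    # Continuous verification: old sessions and elevated risk force re-auth.
    if r >= STEP_UP_RISK or req.now - req.last_auth_at > MAX_SESSION_AGE:
        return "step_up"
    return "allow"
```

Because the decision runs on every request, a session that was allowed a minute ago can be stepped up or denied as soon as a grant expires or a signal changes.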

## Zero Trust Architecture Components

```text
┌─────────────────────────────────────────────────────────────────┐
│                    ZERO TRUST ARCHITECTURE                       │
├─────────────────────────────────────────────────────────────────┤
│                                                                  │
│  ┌────────────┐    ┌─────────────┐    ┌──────────────────────┐  │
│  │   USER     │───▶│  IDENTITY   │───▶│  POLICY ENGINE       │  │
│  │  + Device  │    │   PROXY     │    │  (Context Analysis)  │  │
│  └────────────┘    └─────────────┘    └──────────┬───────────┘  │
│                                                   │              │
│                           ┌───────────────────────┘
```
