HVE Core - Security Planning
Security plan creation, incident response, and risk assessment
Create comprehensive security plans, incident response procedures, and risk assessments for cloud and hybrid environments.
[!CAUTION]
The security agents and prompts in this collection are assistive tools only. They do not replace professional security tooling (SAST, DAST, SCA, penetration testing, compliance scanners) or qualified human review. All AI-generated security artifacts must be reviewed and validated by qualified security professionals before use. AI outputs may contain inaccuracies, miss critical threats, or produce recommendations that are incomplete or inappropriate for your environment.
This collection includes agents and prompts for:
- Security Plan Creation — Generate threat models and security architecture documents
- Incident Response — Build incident response runbooks and playbooks
- Risk Assessment — Evaluate security risks with structured assessment frameworks
- Root Cause Analysis — Structured RCA templates and guided analysis workflows
Included Artifacts
Chat Agents
| Name |
Description |
| security-plan-creator |
Expert security architect for creating comprehensive cloud security plans |
Prompts
| Name |
Description |
| incident-response |
Incident response workflow for Azure operations scenarios |
| risk-register |
Creates a concise and well-structured qualitative risk register using a Probability × Impact (P×I) risk matrix. |
Instructions
| Name |
Description |
| shared/hve-core-location |
Important: hve-core is the repository containing this instruction file; Guidance: if a referenced prompt, instructions, agent, or script is missing in the current directory, fall back to this hve-core location by walking up this file's directory tree. |
Getting Started
After installing this extension, the chat agents are available in GitHub Copilot Chat:
- Use custom agents by selecting the custom agent from the agent picker drop-down list in Copilot Chat
- Apply prompts through the Copilot Chat interface
- Reference instructions — they are automatically applied based on file patterns
Post-Installation Setup
Some chat agents create workflow artifacts in your project directory. See the installation guide for recommended .gitignore configuration and other setup details.
Pre-release Channel
HVE Core offers two installation channels:
| Channel |
Description |
Maturity Levels |
| Stable |
Production-ready artifacts only |
stable |
| Pre-release |
Early access to new features and experimental artifacts |
stable, preview, experimental |
To install the pre-release version, select Install Pre-Release Version from the extension page in VS Code.
Full Edition
Looking for more agents covering additional domains? Check out the full HVE Core extension.
Requirements
- VS Code version 1.106.1 or higher
- GitHub Copilot extension
License
MIT License - see LICENSE for details
Support
For issues, questions, or contributions, visit the GitHub repository.
Brought to you by Microsoft ISE HVE Essentials
