Mar8x commented Jan 8, 2026

Description

Operational Technology (OT) security assessment using a two-stage methodology for OT/ICS device discovery and vulnerability assessment:

  • Conducting authorized OT/ICS security assessments
  • Identifying and enumerating OT protocols (Modbus, S7, IEC 104, DNP3, BACnet, EtherNet/IP)
  • Discovering industrial control devices and PLCs
  • Assessing OT protocol vulnerabilities and security weaknesses
  • Performing compliance scanning aligned with IEC 62443 standards
  • Validating network segmentation and access controls in OT environments

Type of Change

  • New skill
  • Bug fix
  • Documentation update
  • Enhancement to existing skill
  • Infrastructure/tooling improvement

Checklist

General Requirements

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation

For New Skills

  • Skill initialized using ./scripts/init_skill.sh or from _template/
  • SKILL.md frontmatter has all required fields (name, description, version, maintainer, category, tags, frameworks)
  • Description includes specific "Use when:" clause with use cases
  • Version follows semantic versioning (new skills start at 0.1.0)
  • Category matches skill's primary domain
  • All bundled scripts are tested and executable
  • Security considerations are documented
  • No sensitive data or credentials included
  • Validation passes: ./scripts/validate_skill.py skills/<category>/<skill-name>
  • README.md updated with skill entry under appropriate category section
  • marketplace.json updated with skill path under appropriate plugin

For Documentation Updates

  • Changes are accurate and clear
  • Links are valid and working
  • Formatting is consistent with existing documentation

Testing Performed

  • Tested all scripts execute without errors
  • Validated against real security scenarios
  • Ran validation script successfully

Additional Notes

This came basically into existence with the project https://github.com/i8void/opel/. From there on I had designed it as an additional tool for the opel, hence I thought a contribution to this repo would be useful. Consider one of the runs with Claude and the generated report from the lab:

Related Issues

Closes #

Contributor

skyopsai commented Jan 8, 2026

Hey @Mar8x, thank you for your submission.
I noticed several wget/curl commands from unverified sources.
Would you mind ensuring that all necessary code resides in the repo, as scripts we can review?

Author

Mar8x commented Jan 8, 2026

Hi @skyopsai - OK, I see. I will add the NSE script to the repo; however, the other curl commands querying NVD/MITRE/CISA for vulnerabilities (see the curl commands) do not contain code but vulnerability descriptions.

Author

Mar8x commented Jan 8, 2026

Please review @skyopsai
