skill · Claude Code ≥ 1.0 · /security-scan

security-scan

Run security scan — dependency audit + secret detection + code analysis

  • security

Install

~/.claude/skills/security-scan/SKILL.md
Run a comprehensive security scan on the current project (or all if $ARGUMENTS is "all"):

1. **Dependencies**: `npm audit` for known vulnerabilities
2. **Secrets**: grep for API keys, tokens, passwords in source code (not .env)
3. **Code analysis**: launch `security-engineer` agent to review auth, input validation, XSS, injection
4. **HTTPS**: check for hardcoded HTTP URLs

Output a security report with severity ratings and fix recommendations.

Paste into ~/.claude/skills/security-scan/SKILL.md and Claude Code will pick it up on next session.
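
Steps 2 and 4 of the skill can be run as plain grep passes. The script below is an added example, not the skill's or the marketplace's own code; the regexes, the loopback exception, the severity labels and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: steps 2 and 4 of the skill as grep passes (not the skill's code).
# The regexes, exclusions and severity labels below are assumptions.

# Keyword assigned a quoted literal of 8+ characters, e.g. apiKey = "...".
ASSIGN_RE="(api[_-]?key|secret|token|passwd|password)[\"']?[[:space:]]*[:=][[:space:]]*[\"'][^\"']{8,}[\"']"
# Token shape: AWS access key ID (AKIA + 16 uppercase alphanumerics).
TOKEN_RE='AKIA[0-9A-Z]{16}'
# Loopback targets are treated as acceptable plain-HTTP URLs.
LOCAL_RE='http://(localhost|127\.0\.0\.1|\[::1\])'

# Recursive grep over source files; .env files are skipped, as the skill asks.
src_grep() {
  grep -rIn --exclude='.env' --exclude='.env.*' \
       --exclude-dir=node_modules --exclude-dir=.git "$@" || true
}

# Step 2: print "HIGH<TAB>file:line:text" for each suspected secret under $1.
scan_secrets() {
  { src_grep -Ei -e "$ASSIGN_RE" "$1"; src_grep -E -e "$TOKEN_RE" "$1"; } |
    sort -u | awk '{ print "HIGH\t" $0 }'
}

# Step 4: print "MEDIUM<TAB>file:line:text" for each non-loopback http:// URL.
scan_http() {
  src_grep -F -e 'http://' "$1" | grep -vE "$LOCAL_RE" |
    awk '{ print "MEDIUM\t" $0 }'
}

# Constructed sample project; every value in it is made up for this example.
make_sample() {
  d=$(mktemp -d) && mkdir -p "$d/src"
  printf '%s\n' 'const apiKey = "constructed-not-a-real-key-0001";' \
                'const base = "http://api.example.com/v1";' > "$d/src/config.js"
  printf '%s\n' 'fetch("http://localhost:3000/health");'      > "$d/src/dev.js"
  printf '%s\n' '// constructed id: AKIAEXAMPLEEXAMPLE00'     > "$d/src/aws.js"
  printf '%s\n' 'API_KEY="constructed-value-in-dotenv"'       > "$d/.env"
  echo "$d"
}

# Usage: sh scan.sh <project-dir>
if [ "$#" -gt 0 ]; then scan_secrets "$1"; scan_http "$1"; fi
```

The loopback filter works per line, so a line that mixes a localhost URL with an external `http://` URL is dropped from the report; split such lines or tighten the filter if that matters for your code base.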
