From harness-claude
Runs a lightweight mechanical security scan for health checks using SecurityScanner, filtering by severity threshold. Supports the --path, --severity, and --changed-only options.
How this command is triggered — by the user, by Claude, or both
Slash command
/harness-claude:security-scan [--path <path>] [--severity <severity>] [--changed-only <changed-only>]
commands/
Files this command reads when invoked
This command is limited to the following tools:
The summary Claude sees in its command listing — used to decide when to auto-load this command
<!-- Generated by harness generate-slash-commands. Do not edit. -->
<context>
Cognitive mode: meticulous-implementer
Type: rigid
</context>
<objective>
Lightweight mechanical security scan for health checks
Phases:
- scan: Run SecurityScanner and filter by severity threshold
</objective>
<execution_context>
@agents/skills/claude-code/harness-security-scan/SKILL.md
@agents/skills/claude-code/harness-security-scan/skill.yaml
</execution_context>
<process>
1. Try: invoke mcp__harness__run_skill with skill: "harness-security-scan"
2. If MCP unavailable: read SKILL.md and follow its work...
1. Try: invoke mcp__harness__run_skill with skill: "harness-security-scan"
2. If MCP unavailable: read SKILL.md and follow its workflow directly
3. Pass through any arguments provided by the user

npx claudepluginhub intense-visions/harness-engineering --plugin harness-claude

/scan: Runs a multi-surface security scanner (SCA, secrets, authz, MCP, pipeline, logic, diff) with focused modes and supplementary output blocks. Exit codes convey severity.
/security-scan: Runs AgentShield security scan against agent, hook, MCP, permission, and secret surfaces, producing a prioritized remediation plan with severity counts and fix suggestions.
/security-scan: Scans codebase for vulnerabilities, hardcoded secrets, OWASP Top 10 compliance, and security best practices violations. Produces report with issues and fix recommendations.
/security-scan: Runs AgentShield security scanning on the current project or a specified path, detecting hardcoded secrets, broad permissions, executable hooks, and unsafe MCP configurations. Produces a prioritized fix plan with severity ratings and optional auto-fix.
/pentest: Runs interactive security assessment on URL or codebase: confirms auth, scans web/dependencies/code, summarizes findings by severity, suggests prioritized fixes, generates JSON report.
/kasi-security: Runs security audit on project codebase: detects stack (PHP/Node/Python/etc.), loads checklist, scans files for SQLi/XSS/CSRF/auth bypass/etc., outputs prioritized findings with confidence labels.