From security-guardian
Run comprehensive security scan on codebase for OWASP vulnerabilities
Trigger: slash command, invoked as `/security-guardian:security-scan`
# /security-scan

Scan your codebase for common security vulnerabilities.

## What I Need

Tell me:

- What language/framework is your project?
- Any specific concerns (auth, API, data handling)?
- Scope: full scan or specific files?

## Scan Coverage

### OWASP Top 10 Checks

1. **A01 - Injection** - SQL, NoSQL, Command injection
2. **A02 - Broken Auth** - Session management, passwords
3. **A03 - Sensitive Data** - Encryption, data exposure
4. **A04 - XXE** - XML processing vulnerabilities
5. **A05 - Access Control** - Authorization flaws
6. **A06 - Misconfig** - Security settings, defaults
...

I'll search for vulnerable patterns in your code:

I'll review your dependencies:

I'll check security settings:

I'll provide:
```bash
# Run with Semgrep
semgrep --config=p/owasp-top-ten .

# Check dependencies (npm)
npm audit

# Check dependencies (Python)
pip-audit

# Scan secrets
gitleaks detect --source .
```
```bash
npx claudepluginhub latestaiagents/agent-skills --plugin security-guardian/security-scan
```

Scans codebase for OWASP Top 10 vulnerabilities and common security patterns. Defaults to entire project or limits to specified path.

- `/check-owasp`: Scans the current codebase for OWASP Top 10 vulnerabilities including injection, broken access control, and cryptographic failures, then outputs a security assessment with remediation advice.
- `/audit`: Performs security audit of codebase for dependency vulnerabilities, secrets, OWASP Top 10, input validation, auth issues, and misconfigs. Outputs findings report by severity with fixes and references.
- `/security-scan`: Scans codebase for vulnerabilities, hardcoded secrets, OWASP Top 10 compliance, and security best practices violations. Produces report with issues and fix recommendations.
- `/audit`: Audits project security: dependencies (npm/pip-audit), secrets (gitleaks), SAST (semgrep), OWASP Top 10; generates SECURITY_AUDIT.md, vulnerabilities.json, remediation-plan.md.
- `/scan`: Scans current codebase for security vulnerabilities via SAST, dependency CVEs (npm/pip/composer), and config issues. Outputs structured report with severity ratings, findings, and remediation steps.