Search everything...

Stats

Actions

Available In

kuzushi-security-plugin

Name: kuzushi-security-plugin
Author: allsmog

By allsmog

Local-first vulnerability confirmation and remediation pipeline for Claude Code: context, x-ray, PASTA threat model, CVE threat-intel, SAST/taint, invariant testing, adversarial hunting, memory exploitability, fuzz proof, rule synthesis, SARIF, and PoC⁺ patch validation behind a hardened policy plane. Operates on source you have on disk, with no hosted service, live target, proxy, or traffic capture.

npx claudepluginhub allsmog/kuzushi-security-plugin --plugin kuzushi-security-plugin

Popularity

Stars

Med: 0·Avg: 285

Installs

Med: 0·Avg: 1

What's Inside

Agents36

authz-reviewer

/authz-reviewer

Authorization-model review. For each endpoint / object-access candidate, determine whether an authorization + ownership check actually protects the action — find missing authz (CWE-862), IDOR / broken object-level authz (CWE-639), privilege escalation, and broken ownership. Assign finding / candidate / rejected with file:line evidence. Read-only — promotes verdicts into .kuzushi/findings.json (source 'authz').

binary-recon

/binary-recon

Read-only static triage of compiled binaries (ELF / PE / Mach-O). For each detected binary and its read-only signals (dangerous imported symbols, writable+executable segments, hardening gaps from nm/readelf/objdump), judge whether the signal is a real exposure in context and tie it to source. Assign finding / candidate / rejected with the binary path as evidence. Assessment only — no execution, no exploit-oriented disassembly. Promotes into .kuzushi/findings.json (source 'binary-recon').

chain-finder

/chain-finder

Proactive attack-path engine. SEARCHES for ordered entry→…→asset paths where each step is enabled by a finding — composing even sub-threshold (candidate/lead) primitives into a critical chain — using the threat-model assets, the attacker-reachable entry points, and the reachability graph. Also composes already-confirmed findings (precondition → pivot → impact). Does NOT invent findings or change their status; it overlays chains on the findings index.

context-analyst

/context-analyst

Deep system-understanding pass BEFORE vulnerability work. Reads the codebase line-by-line where it matters and builds a grounded model — modules, entry points, actors, trust boundaries, data stores, and system invariants — with file:line evidence. Context only: it never finds vulns, proposes fixes, or assigns severity. Writes .kuzushi/deep-context.json.

crypto-reviewer

/crypto-reviewer

Crypto-misuse review: non-constant-time comparison of secrets (timing side-channels), missing or compiler-elidable zeroization of secrets, and non-cryptographic RNG used to mint secrets. For each candidate, confirm the value is secret-derived, assess the leak/weakness, and assign finding / candidate / rejected with file:line evidence. Read-only — promotes verdicts into .kuzushi/findings.json (source 'crypto-review').

Skills45

benchmark

/benchmark

Measure recall / precision / false-proof rate of the pipeline against a ground-truth manifest. Scores either the bundled planted-vulnerability corpus (regression) or a live run's findings.json against a manifest you supply. Deterministic — no agent, no network. Use to prove a change to the producers helps rather than hurts.

binary-recon

/binary-recon

Read-only static triage of compiled binaries (ELF / PE / Mach-O). Detects them by magic bytes, then surfaces dangerous imported symbols, writable+executable segments, and hardening gaps via on-PATH binutils (nm / readelf / objdump). Assessment only — no execution, no exploit-oriented disassembly. Promotes verdicts into .kuzushi/findings.json (source "binary-recon").

build-databases

/build-databases

Build the heavy semantic indexes the codeql/joern backends query — a CodeQL database (per detected language) and a Joern CPG — under .kuzushi/. Runs asynchronously in the background (doesn't block the session); installs the CLI first if missing. Pass "codeql" or "joern" to build just one.

chain

/chain

Proactive attack-path engine. The chain-finder agent SEARCHES for ordered entry→…→asset attack paths where each step is enabled by a finding — composing even sub-threshold (candidate/lead) primitives into a critical chain — using the threat-model assets, attacker-reachable entry points, and the reachability graph. Records each path (ordered narrative + member fingerprints) in .kuzushi/chains.json and attaches a `chains` ref onto each member (status unchanged). Needs ≥2 live findings.

code-graph

/code-graph

Build a cached code-graph (.kuzushi/code-graph.json) — entry points + per-symbol caller counts (blast-radius / attack-surface signal) — so producers like /diff-review query it instead of re-deriving caller info live. Uses real Joern call edges when a CPG is built, else a deterministic ripgrep heuristic (no heavy tooling required). Re-run after large code changes.

Hooks1

Event Hooks

Bash

File writes

3 hooks across 2 events

MCP Servers7

LSP Servers6

${CLAUDE_PLUGIN_ROOT}/bin/gopls

java

${CLAUDE_PLUGIN_ROOT}/bin/jdtls

typescript

${CLAUDE_PLUGIN_ROOT}/node_modules/.bin/typescript-language-server

python

${CLAUDE_PLUGIN_ROOT}/node_modules/.bin/pyright-langserver

rust

${CLAUDE_PLUGIN_ROOT}/bin/rust-analyzer

Stats

Version0.8.0

LanguageJavaScript

Stars0

MaintenanceExcellent

LicenseMIT

Last CommitJun 12, 2026

AddedMay 27, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

kuzushi-security

Safety Signals

Critical

Admin access level

Server config contains admin-level keywords

Caution

Executes bash commands

Hook triggers when Bash tool is used

README

kuzushi-security-plugin

Security review that proves it or drops it — inside Claude Code.

Most AI security tools cry wolf. kuzushi makes every finding earn its place — it traces the source→sink path, reconstructs the exploit, proves it with a sandboxed PoC, and validates the patch against that exploit — then benchmarks its own recall against planted CVEs so it can tell you what it missed.

🔬 Proof, not hits. Findings climb a proof ladder — traced → exploit reconstructed → sandboxed PoC → patch validated. Not "the scanner said so."
🚫 It won't fool you. Scored against planted bugs and decoys with a hard zero-false-proof gate; it reports its own misses instead of hiding them.
🔒 Local & network-denied by default. Runs on the source you already have checked out; every artifact stays under .kuzushi/.
🧪 Real techniques, not vibes. Borrows the AIxCC playbook — obligation discharge, sanitizer execution proof, and scoped-CPG dataflow.

kuzushi benchmarks its own recall — npm run bench scoreboard

Point it at source you already have checked out and kuzushi turns security review into a reproducible evidence pipeline: map the code, threat-model it, hunt source-to-sink paths, verify exploitability, build sandboxed proof, synthesize variant rules, and validate patches before they touch your working tree.

kuzushi is built for maintainers and product-security teams who need answers they can ship:

Is it real? Findings advance through explicit proof states instead of staying as scanner hits.
Can I reproduce it? Verification, PoC, fuzz, rule-pack, and patch artifacts stay under .kuzushi/ with provenance and policy digests.
Can I fix it safely? /fix validates exploit regression, functional behavior, and supported semantic oracles in a sandbox copy before apply.
Can I trust the workflow? The plugin is local-first, policy-gated, network-denied by default for locked profiles, and designed for auditable CI/SARIF output.

It is self-contained Node (no daemon, no hosted service): plain stdio MCP servers, skills, agents, schemas, and a SessionStart hook wire up Tree-sitter, Semgrep, CodeQL, Joern, fuzz harnesses, and language tooling only when the repo needs them.

context ─► x-ray ─► threat-model ─► threat-intel ─► ┌ invariant-test ┐ ─► findings.json ─► verify ─► poc ─► fix ─► report
 (langs,    (entry    (PASTA DFD +    (CVEs for       └ threat-hunt   ┘     (open          (exploit-  (sandbox- (PoC⁺   (fix-first
  deps)      points)   threats)        stack + peers)  (adversarial)         findings)      ability)    proven)   patch)  report)
                                                                                  │
                                                                                  └─► mem-exploitability
                                                                                      (memory-corruption tier
                                                                                       + mitigation posture)

Each step writes an artifact under .kuzushi/ that the next step consumes. You stay in control: heavy or outbound steps ask first, and everything runs against your local repo.

Scope & boundaries

This is a local source-code tool with static-first analysis and sandboxed dynamic proof for harnessable targets. How complete that is depends on what you point it at.

Always in scope (any target with source on disk): PASTA threat model, version-checked CVE intel, source→sink taint analysis, adversarial guard-bypass review, static exploitability verdicts, memory-corruption exploitability assessment, and a sandboxed PoC harness.

Web apps / HTTP services — the plugin covers the static half of a grey-box review. Pair it with a dynamic tool (Burp / DAST) for the rest: browsing the live app, mapping observed traffic (endpoints, parameters, cookies, roles) to handlers, and triggering against a running target. None of that lives here.

View full README on GitHub

kuzushi-security-plugin

Popularity

What's Inside

Confidence

README

kuzushi-security-plugin

Scope & boundaries

Similar Plugins

everything-claude-code

ecc

fullstack-dev-skills

dotnet-skills

reverse-engineering

octo

More by allsmog

vuln-scout

shinsa

randori

kuzushi-security-plugin

Scope & boundaries

Popularity

Health & Quality

More by allsmog

vuln-scout

shinsa

randori

Similar Plugins

everything-claude-code

ecc

fullstack-dev-skills

dotnet-skills

reverse-engineering

octo