Stats
Actions
Tags
From sentinel
Assesses project security surface by detecting tech stack, package managers, security tooling, and integrations. Generates .claude/sentinel.json config. Run once per project.
How this skill is triggered — by the user, by Claude, or both
Slash command
/sentinel:assessThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Assess the project's security surface and bootstrap Sentinel configuration by detecting the tech stack, available package managers, system installers, and security tooling.
Assess the project's security surface and bootstrap Sentinel configuration by detecting the tech stack, available package managers, system installers, and security tooling.
Load each step through the fetch command (handles caching, decryption, and auth):
"~/.composure/bin/composure-fetch.mjs" skill sentinel assess {step-filename}
Do NOT read cache files directly — they are encrypted at rest. Always use the fetch command above.
| # | File |
|---|---|
| 1 | 01-detect-stack.md |
| 2 | 02-detect-pkg-managers.md |
| 3 | 03-check-security-tools.md |
| 4 | 04-detect-integrations.md |
| 5 | 05-config-and-report.md |
npx claudepluginhub hrconsultnj/claude-plugins --plugin sentinelScans local projects for dependency vulnerabilities (SCA), code security patterns (SAST), leaked secrets, auth/crypto flaws, misconfigs, supply chain risks, CI/CD issues. Generates prioritized report with remediation guidance.
Checks and configures security scanning for dependency audits, SAST, and secrets. Supports package.json, pyproject.toml, Cargo.toml, go.mod; sets up Dependabot, CodeQL, Gitleaks.