Stats
Actions
Tags
From security-agent
Scans codebases for vulnerabilities like SQL injection, XSS, auth flaws, insecure deps, and secrets using grep and bash. Generates severity-rated reports with file locations, explanations, and fixes.
How this skill is triggered — by the user, by Claude, or both
Slash command
/security-agent:performing-security-code-reviewThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Conducts security-focused code reviews by scanning source files for common vulnerability patterns including SQL injection, XSS, authentication flaws, insecure dependencies, and secret exposure. Produces structured severity-rated reports with specific remediation guidance.
Conducts security-focused code reviews by scanning source files for common vulnerability patterns including SQL injection, XSS, authentication flaws, insecure dependencies, and secret exposure. Produces structured severity-rated reports with specific remediation guidance.
grep available on PATH for pattern matchingpackage.json or equivalent dependency manifest for dependency auditingAKIA...), and private key headers (BEGIN PRIVATE KEY)..env files or configuration files containing plaintext secrets.eval(), exec(), or Function() calls with dynamic input (code injection risk).npm audit or equivalent package manager audit command.A structured security review report containing:
| Error | Cause | Solution |
|---|---|---|
| No source files found | Incorrect scope path or empty directory | Verify the target directory path and confirm it contains source files |
| Binary files in scan | Non-text files matched by search patterns | Exclude binary extensions and node_modules/ from scans |
| Dependency manifest missing | No package.json, requirements.txt, or equivalent | Skip dependency audit; note in report that dependency analysis was not possible |
| Permission denied on files | Restricted file access | Request read permissions or narrow the review scope to accessible files |
| False positive on secret pattern | Benign string matching secret regex | Verify context before reporting; mark as potential false positive if the match appears in test fixtures or documentation |
SQL injection review:
Trigger: "Review this database query code for SQL injection vulnerabilities."
Process: Scan all files containing SQL query construction. Identify string concatenation with user input ("SELECT * FROM users WHERE id = " + userId). Report as High severity with remediation: use parameterized queries or prepared statements.
Dependency vulnerability scan:
Trigger: "Check this project's dependencies for known security vulnerabilities."
Process: Run npm audit on the project. Parse output for vulnerabilities. Report each finding with CVE identifier, affected package, installed version, and patched version. Recommend npm audit fix or manual version pinning.
Full codebase security audit: Trigger: "Run a security scan on this codebase." Process: Execute all seven scan categories (secrets, injection, auth, dependencies, communication, dangerous commands, obfuscation). Produce a comprehensive report with findings grouped by category and sorted by severity.
${CLAUDE_SKILL_DIR}/references/README.md -- bundled reference materialsnpx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin security-agentScans codebases for exposed secrets, vulnerable dependencies, injection flaws, and OWASP Top 10 issues. Run before deploying, open-sourcing, or compliance audits.
Scans codebases for OWASP Top 10 vulnerabilities via static analysis: secret exposure, injection flaws, auth/authz gaps, supply-chain risks, misconfigurations, logging failures. Use before deployments, PR merges, auth/payment changes.