Does it provide actual code fixes?

Yes, every vulnerability report includes a 'Suggested Fix' section with actionable code snippets to replace the insecure implementation.

Can it find exposed API keys and passwords?

Yes, the skill specifically scans for hardcoded secrets, credentials, and tokens that should be managed via environment variables or secret managers.

What vulnerabilities does the Security Scanner detect?

It detects a wide range of issues including SQL injection, XSS, hardcoded secrets, insecure authentication, missing input validation, CSRF, and path traversal.

How are security issues prioritized?

Issues are categorized into three levels: Must-Fix (critical risks like injection), Should-Fix (high-risk vulnerabilities), and Nice-to-Have (medium-risk improvements).

Security Scanner

Name: Security Scanner
Author: lexicalninja

bylexicalninja

0•

Seguridad y Pruebas

Scans code for critical security vulnerabilities and generates structured remediation reports with actionable fixes.

The Security Scanner skill empowers developers to identify and mitigate common security risks like SQL injection, XSS, and hardcoded secrets directly within their workflow. It performs deep analysis of source code to verify input validation, authentication logic, and dependency safety, providing detailed reports that include exact file paths and severity levels. By offering specific, production-ready remediation steps for every detected issue, it helps teams maintain a high security posture and prevent data breaches before code reaches production.

Características Principales

01Evaluates authentication, authorization, and input validation

02Generates production-ready secure code fixes for every issue

030 GitHub stars

04Provides structured reports with file paths and line numbers

05Detection of SQL injection, XSS, and CSRF vulnerabilities

06Scans for hardcoded API keys, tokens, and credentials

Casos de Uso

01Identifying and fixing security debt within legacy codebases

02Automating security audits during the pull request and code review process

03Verifying the safety of new API endpoints and database query logic

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lexicalninja/my-little-scrum-team security-scanner

For use in Claude.ai and ChatGPT

Download Skill