How does it integrate with my existing workflow?

It is designed to trigger automatically during code reviews (via codex-review) whenever security-sensitive code like database queries or authentication logic is modified.

Which programming languages does the Security Scan support?

The skill provides specialized security patterns and checks for JavaScript, TypeScript, Go, and Python, though its core security logic can be applied to many other languages.

Does it provide automatic code fixes?

It provides specific 'Secure' code examples and remediation steps for every detected vulnerability, which can be applied to fix the identified issues immediately.

Does it scan for third-party library vulnerabilities?

Yes, it includes dependency analysis to look up known CVEs and identify vulnerable or outdated components in your project's package manifest.

Is the output available in English?

While the technical analysis is global, this specific skill is configured to provide its reports and remediation guidance in Japanese for the end user.

Automated Security Scan

Name: Automated Security Scan
Author: takumi12311123

bytakumi12311123

•

セキュリティとテスト

Performs comprehensive security audits to identify vulnerabilities and ensure secure coding practices across multiple programming languages.

概要

The Security Scan skill empowers Claude to act as a dedicated security auditor, performing deep static analysis to uncover OWASP Top 10 vulnerabilities, insecure dependency usage, and cryptographic failures. It is specifically designed to integrate with automated code review workflows, identifying risks like SQL injection and XSS while providing detailed remediation reports in Japanese. This skill is essential for developers who need to maintain high security standards without manual overhead, offering actionable code fixes for critical security gaps.

主な機能

Seamless integration with codex-review for automated checks
Cross-language support for JavaScript, TypeScript, Go, and Python
1 GitHub stars
Comprehensive OWASP Top 10 vulnerability detection
Dependency auditing to identify known CVEs and outdated packages
Detailed Japanese reporting with side-by-side 'Vulnerable vs Secure' code examples

ユースケース

Automating security compliance checks before deploying critical features to production
Auditing authentication and session management logic for privilege escalation risks
Identifying SQL injection and XSS risks in web applications during development

概要

主な機能

Seamless integration with codex-review for automated checks
Cross-language support for JavaScript, TypeScript, Go, and Python
1 GitHub stars
Comprehensive OWASP Top 10 vulnerability detection
Dependency auditing to identify known CVEs and outdated packages
Detailed Japanese reporting with side-by-side 'Vulnerable vs Secure' code examples

ユースケース

Automating security compliance checks before deploying critical features to production
Auditing authentication and session management logic for privilege escalation risks
Identifying SQL injection and XSS risks in web applications during development