How does it handle Python dependency security?

It utilizes industry-standard tools like pip-audit and safety check to scan your environment for packages with known security vulnerabilities.

What types of secrets can this skill detect?

The skill scans for a wide range of sensitive data including API keys, AWS credentials, database passwords, and private keys like .pem or .key files.

When should I run a security scan?

It is best practice to run the scan before every commit, during peer code reviews, and as part of a pre-release security audit.

Can this skill help prevent SQL injection?

Yes, it identifies unsafe string concatenation in database queries and suggests secure, parameterized alternatives to prevent injection attacks.

Quality Security Scan

Name: Quality Security Scan
Author: mvillmow

bymvillmow

•

セキュリティとテスト

Identifies security vulnerabilities, hardcoded secrets, and unsafe coding patterns to ensure code integrity and prevent data leaks.

概要

The Quality Security Scan skill empowers Claude to perform comprehensive security audits within your development environment. It specializes in detecting exposed secrets like API keys and private keys, identifying vulnerable Python dependencies via pip-audit, and flagging risky code patterns such as SQL injection or path traversal vulnerabilities. By integrating automated scripts and best practice guidance, this skill helps developers maintain a rigorous security posture, ensuring that sensitive data remains protected and codebases comply with modern security standards before every commit.

主な機能

Identification of unsafe code patterns including SQL injection and path traversal
Guidance on refactoring hardcoded credentials into secure environment variables
12 GitHub stars
Dependency vulnerability scanning using pip-audit and safety check
Automated secret detection for API keys, AWS credentials, and private keys
Validation of .gitignore configurations to prevent accidental sensitive file commits

ユースケース

Auditing legacy codebases for hardcoded credentials and unvalidated user inputs
Reviewing third-party Python dependencies for known security vulnerabilities
Performing a comprehensive security audit before committing sensitive code to a repository

概要

主な機能

Identification of unsafe code patterns including SQL injection and path traversal
Guidance on refactoring hardcoded credentials into secure environment variables
12 GitHub stars
Dependency vulnerability scanning using pip-audit and safety check
Automated secret detection for API keys, AWS credentials, and private keys
Validation of .gitignore configurations to prevent accidental sensitive file commits

ユースケース

Auditing legacy codebases for hardcoded credentials and unvalidated user inputs
Reviewing third-party Python dependencies for known security vulnerabilities
Performing a comprehensive security audit before committing sensitive code to a repository