How does this skill detect malicious code?

It analyzes source files and install scripts for patterns like hardcoded IPs, obfuscated strings, and unauthorized file access.

Can it check for typosquatting in dependencies?

Yes, it reviews dependency manifests like package.json or requirements.txt to identify misspelled package names or suspicious third-party sources.

What files does it analyze during a review?

It examines common installation files including shell scripts (.sh), setup.py, Makefiles, and package manager configurations (package.json, go.mod, etc.).

Does it identify data exfiltration attempts?

Yes, it specifically looks for network calls to non-official destinations and code that attempts to read sensitive files like SSH keys or browser data.

Is this a replacement for a professional security audit?

While thorough, it serves as a high-level automated review to flag red flags and should be used as part of a broader security workflow.

Repository Security Auditor

Name: Repository Security Auditor
Author: jbdamask

byjbdamask

•

セキュリティとテスト

Performs comprehensive security audits on GitHub repositories to detect malicious code, data exfiltration, and suspicious dependencies before installation.

概要

The Repository Security Auditor skill enables Claude to evaluate the safety of open-source projects by systematically analyzing installation scripts, source code, and project dependencies. It identifies high-risk red flags such as obfuscated code, unauthorized network calls to unknown hosts, sensitive file access (like SSH keys or AWS credentials), and typosquatted packages. By providing a structured report with a clear safety verdict, this skill helps developers and security researchers mitigate the risks of supply chain attacks and malicious software before any code is executed on their local machine.

主な機能

Analyzes installation scripts for malicious shell commands and remote code execution.
Scans dependency manifests for typosquatting, telemetry packages, and untrusted sources.
1 GitHub stars
Identifies unauthorized network activity and data exfiltration patterns in source code.
Detects obfuscated payloads, hidden file creation, and suspicious environment variable harvesting.
Generates structured security assessments with clear safety status and recommendations.

ユースケース

Verifying the safety of a new open-source tool before running an install script.
Reviewing complex codebases for hardcoded IP addresses or suspicious outbound network calls.
Auditing project dependencies for hidden tracking or telemetry packages.

概要

主な機能

Analyzes installation scripts for malicious shell commands and remote code execution.
Scans dependency manifests for typosquatting, telemetry packages, and untrusted sources.
1 GitHub stars
Identifies unauthorized network activity and data exfiltration patterns in source code.
Detects obfuscated payloads, hidden file creation, and suspicious environment variable harvesting.
Generates structured security assessments with clear safety status and recommendations.

ユースケース

Verifying the safety of a new open-source tool before running an install script.
Reviewing complex codebases for hardcoded IP addresses or suspicious outbound network calls.
Auditing project dependencies for hidden tracking or telemetry packages.