Can I generate security reports for compliance?

Yes, the skill includes built-in commands to generate comprehensive security audit reports in formats like Markdown, suitable for documentation and compliance reviews.

When is it best to trigger a security scan?

You should trigger a scan when implementing authentication, payment processing, user data handling, or creating new API endpoints to ensure secure coding patterns.

Does it handle dependency management security?

Yes, it features a CVE scanner that checks your project's dependencies against vulnerability databases and provides automated scripts for remediation.

What types of vulnerabilities can this skill detect?

The skill identifies a wide range of threats including SQL injection, cross-site scripting (XSS), path traversal, hardcoded secrets, and outdated dependencies with known CVEs.

Security Audit & Vulnerability Scanner

Name: Security Audit & Vulnerability Scanner
Author: nbossn

bynbossn

0•

セキュリティとテスト

Performs comprehensive security scanning and vulnerability detection to ensure codebase integrity and protection against common threats.

The Security Audit skill provides a robust suite of tools for Claude to identify and mitigate security risks across your entire application. From detecting common vulnerabilities like SQL injection and cross-site scripting (XSS) to scanning dependencies for known CVEs and identifying hardcoded secrets, this skill integrates comprehensive security checks directly into the development workflow. It is particularly valuable when handling sensitive data, implementing authentication logic, or preparing for production deployments, ensuring that code follows secure patterns and OWASP best practices.

主な機能

010 GitHub stars

02Input validation checks for API endpoints and user data handling

03Automated detection of SQL injection, XSS, and path traversal vulnerabilities

04Secret validation to prevent accidental leaks of hardcoded credentials

05Threat modeling analysis and comprehensive security report generation

06Real-time dependency scanning for known CVEs and security risks

ユースケース

01Auditing third-party dependencies for known security vulnerabilities

02Implementing and validating secure authentication and payment workflows

03Pre-deployment security verification for production-ready applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add nbossn/claude-code-base security-audit

For use in Claude.ai and ChatGPT

主な機能

010 GitHub stars

02Input validation checks for API endpoints and user data handling

03Automated detection of SQL injection, XSS, and path traversal vulnerabilities

04Secret validation to prevent accidental leaks of hardcoded credentials

05Threat modeling analysis and comprehensive security report generation

06Real-time dependency scanning for known CVEs and security risks

ユースケース

01Auditing third-party dependencies for known security vulnerabilities

02Implementing and validating secure authentication and payment workflows

03Pre-deployment security verification for production-ready applications