Can this skill handle secret management?

Yes, it includes specialized workflows for encrypting secrets and validating that no sensitive keys or credentials are leaked into the source code.

What security tools does this skill support?

The skill integrates with industry-standard tools including Bandit, Semgrep, pip-audit, safety, and gitleaks for comprehensive vulnerability detection.

Does it validate my local development environment?

Absolutely. It can verify your GPG and SSH key configurations to ensure that your commits are properly signed and your connection to remote repositories is secure.

How does it help with OWASP compliance?

It provides a dedicated checklist and specific guidance for addressing the OWASP Top 10, covering areas like injection, broken access control, and sensitive data exposure.

Security & Compliance Suite

Name: Security & Compliance Suite
Author: ByronWilliamsCPA

byByronWilliamsCPA

0•

セキュリティとテスト

Secures software projects by automating vulnerability scanning, environment validation, and OWASP compliance auditing.

The Security Suite skill provides a comprehensive toolkit for identifying vulnerabilities, managing secrets, and ensuring adherence to security best practices within your development workflow. It automates critical tasks such as GPG/SSH key validation, dependency auditing via pip-audit, and static code analysis using Bandit and Semgrep, enabling developers to maintain a robust security posture and prevent sensitive data leaks before deployment.

主な機能

01Dependency vulnerability scanning using pip-audit and safety

02Automated static analysis with Bandit and Semgrep

03Secret management and encryption workflow integration

04Environment validation for GPG/SSH keys and git signing

050 GitHub stars

06Standardized OWASP Top 10 compliance checklists

ユースケース

01Verifying developer environment configurations and secure git signing

02Scanning third-party dependencies for known CVEs before production releases

03Performing comprehensive pre-commit security audits to prevent secret leakage

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add byronwilliamscpa/fragrance-rater security

For use in Claude.ai and ChatGPT

Download Skill