Security Misconfiguration Finder

概要

This skill empowers developers and security engineers to proactively detect and fix security misconfigurations within their development workflow. By analyzing configuration files such as Terraform, CloudFormation, and application-specific settings, it pinpoints vulnerabilities including insecure defaults, exposed secrets, and compliance gaps. It acts as an automated security auditor, providing actionable remediation advice to harden systems before deployment and ensure adherence to industry security standards.

主な機能

• Audits application settings for insecure defaults and missing headers
• Checks system settings for compliance with security best practices
• 0 GitHub stars
• Analyzes Infrastructure-as-Code files like Terraform and CloudFormation
• Detects exposed API keys, secrets, and sensitive credentials
• Provides detailed remediation recommendations for identified issues

ユースケース

• Scanning application YAML files for hardcoded secrets or disabled security features
• Reviewing system access controls and password policies for compliance
• Performing a pre-deployment security audit on Terraform configuration files