Does it support different JavaScript package managers?

The skill provides built-in support for auditing dependencies across NPM, PNPM, and Yarn to ensure no known vulnerable packages are in use.

How does the Security Analysis skill detect vulnerabilities?

It uses targeted grep patterns to identify insecure code signatures, such as unparameterized queries and weak crypto, combined with dependency audit tools and OWASP checklists.

Can this skill find hardcoded secrets?

Yes, it includes specific scanning routines designed to identify hardcoded API keys, passwords, and other sensitive credentials within your source files.

Is this a replacement for manual security testing?

It is an excellent first line of defense for identifying common flaws and enforcing best practices during development, but it should be used alongside professional security audits.

Security Analysis & Vulnerability Scanner

Name: Security Analysis & Vulnerability Scanner
Author: bradtaylorsf

bybradtaylorsf

•

보안 및 테스팅

Performs comprehensive security vulnerability scanning and ensures OWASP Top 10 compliance across your codebase.

The Security Analysis skill transforms Claude into a proactive security auditor, enabling deep scans of source code to identify common vulnerabilities, validate authentication logic, and enforce security best practices. By utilizing a robust set of automated grep-based patterns and structured checklists, it helps developers detect hardcoded secrets, weak cryptography, injection risks, and insecure configurations before they reach production. Whether you are reviewing a new pull request or auditing a legacy repository, this skill provides the necessary patterns and commands to ensure your application adheres to modern security standards like the OWASP Top 10.

주요 기능

01Automated grep patterns for secret and vulnerability detection

02OWASP Top 10 compliance checklists and validation

03Identification of SQLi, XSS, and command injection risks

046 GitHub stars

05Multi-tool dependency auditing for NPM, PNPM, and Yarn

06Secure code pattern guidance for authentication and authorization

사용 사례

01Conducting automated security audits during the code review process

02Scanning repositories for hardcoded API keys and plaintext credentials

03Verifying authorization middleware implementation on sensitive API routes

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bradtaylorsf/alphaagent-team security-analysis

For use in Claude.ai and ChatGPT

Download Skill