Which Python frameworks are supported?

The skill includes specialized, built-in security checks for Flask, Django, and FastAPI, in addition to general security patterns applicable to any Python codebase.

Does this skill scan production .env files?

By default, the scanner skips real .env files to protect sensitive data. It focuses on analyzing .env.example or .env.template files to ensure proper documentation and structure without exposing actual secrets.

Can I perform a quick scan for just one type of vulnerability?

Yes, you can run targeted scans using specific flags like --secrets, --injection, --deps, or --auth to focus on specific categories of security risks.

Is the security report compatible with CI/CD pipelines?

Yes, the skill can generate output compatible with SARIF for GitHub Code Scanning, JSON for custom integrations, and JUnit XML for standard CI/CD pipelines.

Python Security Scanner

Name: Python Security Scanner
Author: sugarforever

bysugarforever

•

Security & Testing

Performs comprehensive security audits and vulnerability scans for Python web applications and scripts to identify OWASP risks and insecure patterns.

About

The Python Security Scan skill provides an automated, deep-dive auditing capability for Python projects, specifically optimized for Flask, Django, and FastAPI frameworks. It streamlines the identification of OWASP Top 10 vulnerabilities, such as SQL injection and insecure deserialization, while performing automated dependency checks for known CVEs. By analyzing code structures and configuration templates, it helps developers catch hardcoded secrets and framework-specific security misconfigurations before they reach production, providing clear severity classifications and actionable remediation guidance.

Key Features

Automated dependency auditing for known CVEs using pip-audit and safety.
Intelligent scanning for hardcoded secrets, credentials, and API keys.
Automatic framework detection for Flask, Django, and FastAPI projects.
Categorized severity reporting with actionable remediation advice and code snippets.
Comprehensive OWASP Top 10 vulnerability mapping and reporting.
19 GitHub stars

Use Cases

Pre-deployment security audits for enterprise-grade Python web applications.
Validating third-party dependencies and environment variable templates for security compliance.
Automated code reviews to identify injection flaws and insecure deserialization patterns.

About

Key Features

Automated dependency auditing for known CVEs using pip-audit and safety.
Intelligent scanning for hardcoded secrets, credentials, and API keys.
Automatic framework detection for Flask, Django, and FastAPI projects.
Categorized severity reporting with actionable remediation advice and code snippets.
Comprehensive OWASP Top 10 vulnerability mapping and reporting.
19 GitHub stars

Use Cases

Pre-deployment security audits for enterprise-grade Python web applications.
Validating third-party dependencies and environment variable templates for security compliance.
Automated code reviews to identify injection flaws and insecure deserialization patterns.