Which programming languages does this security skill support?

While the dependency and unsafe code scanning are optimized for Rust (using Cargo), the secret detection (gitleaks) and general auditing workflows can be used with any codebase.

How does it handle license compliance?

It utilizes cargo-deny to verify that all dependencies adhere to your allowed license list (e.g., MIT, Apache-2.0) and automatically flags copyleft or unauthorized licenses.

What happens if a secret like an AWS key is detected?

The skill identifies the leak, provides the specific file location, and offers git-filter-repo or commit amendment commands to purge the secret from your repository history.

Can I integrate this into my CI/CD pipeline?

Yes, the skill provides specific 'Quick Audit' patterns designed for CI environments that prioritize speed while maintaining essential security checks.

Security Audit & Vulnerability Scanner

Name: Security Audit & Vulnerability Scanner
Author: ShunsukeHayashi

byShunsukeHayashi

•

Security & Testing

Conducts comprehensive security audits, dependency scans, and secret leak detection to ensure production-ready code safety.

This skill provides an automated workflow for identifying security vulnerabilities within project dependencies, detecting unsafe code patterns, and preventing sensitive credential leaks. Designed primarily for Rust-based environments but extensible to general repositories, it integrates industry-standard tools like cargo-audit, gitleaks, and cargo-deny to ensure that codebases remain compliant, secure, and free of CVEs before production deployment.

Key Features

01Supply chain security verification for external crates

02Automated dependency vulnerability scanning and CVE monitoring

03License compliance and policy enforcement auditing

04Unsafe Rust code detection and memory safety analysis

057 GitHub stars

06Sensitive secret and credential leak detection with gitleaks

Use Cases

01Performing a full security audit before a production deployment

02Identifying and purging accidentally committed secrets from Git history

03Automating periodic security checks to maintain compliance standards

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add shunsukehayashi/miyabi security-audit

For use in Claude.ai and ChatGPT

Download Skill