What tools does this skill use for scanning?

It coordinates specialized workers for secret scanning (supporting tools like Gitleaks or TruffleHog) and ecosystem-specific dependency audit tools based on your project's language.

Does this skill fix the vulnerabilities automatically?

It identifies and classifies risks with remediation guidance and severity scores, providing the necessary roadmap for developers to implement fixes.

Does it overwrite my existing security files?

No, it is designed to detect existing configurations like SECURITY.md or .gitleaks.toml and will attempt to update or preserve custom sections rather than overwriting them.

Can it be used in an existing project or only at the start?

While ideal for bootstrapping, it can be triggered manually at any time to perform a comprehensive security audit and backfill missing security infrastructure or hooks.

Security Infrastructure Coordinator

Name: Security Infrastructure Coordinator
Author: levnikolaevich

bylevnikolaevich

•

Security & Testing

Orchestrates automated security scanning for secrets and dependencies while generating standardized security infrastructure for any project.

The Security Infrastructure Coordinator is an L2 domain coordinator designed to establish a robust security posture during project initialization or audits. It manages the detection of hardcoded secrets and vulnerable dependencies by delegating to specialized scanning workers, then aggregates these findings into a unified risk assessment. Beyond reporting, it automates the creation of essential security artifacts including SECURITY.md documentation, pre-commit hooks for leak prevention, and GitHub Actions workflows for continuous security monitoring, ensuring your development environment meets production-grade safety standards.

Key Features

01Unified Secret & Dependency Scanning

0238 GitHub stars

03Risk Assessment & Severity Scoring

04Pre-commit Hook Configuration

05CI/CD Security Workflow Generation

06Automated SECURITY.md Generation

Use Cases

01Integrating automated security gates into a CI/CD pipeline

02Initializing security standards for new software projects

03Conducting a comprehensive security audit of an existing codebase

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add levnikolaevich/claude-code-skills ln-760-security-setup

For use in Claude.ai and ChatGPT

Download Skill