Audits Claude Code configurations for security vulnerabilities, prompt injection risks, and credential leaks using the AgentShield framework.
The Security Scan skill integrates the AgentShield tool directly into your Claude Code workflow to protect developers from common security pitfalls in AI-driven environments. It automatically inspects the .claude/ directory, including CLAUDE.md for prompt injection patterns, settings.json for over-privileged permissions, and mcp.json for supply chain vulnerabilities. By providing automated remediation for common issues and offering optional multi-agent deep analysis (Red/Blue team simulation), this skill ensures your AI coding assistant operates within safe boundaries, preventing data exfiltration and unauthorized command execution.
Key features
- Multi-agent adversarial analysis (Red/Blue team simulation) for deep vulnerability discovery
- Comprehensive audit of .claude configuration files and project hooks
- Automated remediation of known security misconfigurations via --fix
- Flexible reporting in CLI, JSON, HTML, and Markdown formats for CI/CD
- Detection of hardcoded API keys, tokens, and other sensitive credentials
Use cases
- Automating security checks in CI/CD pipelines so that changes to AI configuration are reviewed before they land
- Vetting new repositories before enabling Claude Code access, to catch malicious prompt injections
- Auditing Model Context Protocol (MCP) server permissions to prevent unauthorized shell access