security-scanning
AgentShield security audit with 5 scanning categories, 102 static analysis rules, and optional red-team simulation.
Best use case
security-scanning is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
AgentShield security audit with 5 scanning categories, 102 static analysis rules, and optional red-team simulation.
Teams using security-scanning should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/security-scanning/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How security-scanning Compares
| Feature / Agent | security-scanning | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
AgentShield security audit with 5 scanning categories, 102 static analysis rules, and optional red-team simulation.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Security Scanning ## Overview AgentShield security audit methodology adapted from the Everything Claude Code project. Scans across 5 categories with 102 static analysis rules. ## Scanning Categories ### 1. Secrets Detection (14 Pattern Categories) - AWS access keys (AKIA pattern) - GitHub tokens (ghp_, gho_, ghs_, ghr_) - Generic API keys and bearer tokens - Database connection strings with credentials - Private keys (RSA, EC, SSH) - JWT secrets and signing keys - OAuth client secrets - Slack tokens and webhooks - Cloud provider credentials (GCP, Azure) ### 2. Permission Auditing - File system read/write scope - Network calls and protocols - Process execution (child_process) - File permissions (777, world-writable) - CORS and CSP headers - Docker privilege escalation ### 3. Hook Injection Analysis - Git hooks for command injection - npm lifecycle scripts (preinstall, postinstall) - Claude Code hooks for unsafe patterns - eval()/Function()/dynamic code execution - Unvalidated user input in shell commands ### 4. MCP Risk Profiling - Tool permission inventory - Data exposure risk mapping - Transport security (stdio vs SSE vs HTTP) - Prompt injection via tool descriptions - Rate limiting verification ### 5. Agent Config Review - Model settings integrity - Prompt injection resistance - Tool allowlist scoping - Output validation and sanitization - Information leakage in error messages ## Optional: Red Team Simulation - Attack simulation against found vulnerabilities - Exploitability rating: trivial, moderate, difficult, theoretical - Blue-team defense recommendations ## When to Use - Pre-deployment security review - New dependency introduction - Hook or plugin configuration changes - Agent or MCP server setup ## Agents Used - `security-reviewer` (primary consumer)
Related Skills
web-security
OWASP Top 10, security headers, CSP, XSS prevention, and vulnerability prevention.
security-scanner
Run security scans including SAST, dependency scanning, and secret detection
security-sandbox
Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage Docker-based analysis containers, and capture filesystem and process changes.
Offensive Security Skill
Offensive security tools and techniques integration
hardware-security
Hardware and embedded security research capabilities. Interface with JTAG debuggers, analyze SPI/I2C communications, dump and analyze firmware, support fault injection, side-channel analysis, and hardware exploitation research.
cloud-security-testing
Multi-cloud security assessment and penetration testing capabilities. Execute Prowler/ScoutSuite assessments, analyze IAM policies, identify cloud misconfigurations, test permissions, and enumerate cloud resources across AWS/GCP/Azure.
Burp Suite/Web Security Skill
Web application security testing with Burp Suite integration
aiml-security
AI/ML model security testing and adversarial research capabilities. Generate adversarial examples, test model robustness, perform model extraction attacks, test for data poisoning, analyze model fairness, and support ART framework integration.
vendor-security-questionnaire
Automated vendor security assessment through questionnaire generation, response parsing, and risk scoring
owasp-security-scanner
Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for sensitive data exposure, analyze security misconfigurations, and generate OWASP-compliant reports.
multi-cloud-security-posture
Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
iac-security-scanner
Infrastructure as Code security scanning and policy enforcement for Terraform, CloudFormation, Kubernetes, and Pulumi