Can I ignore specific security findings?

Yes, you can use inline comments like '# security-scan: ignore' or create a '.security-scan-ignore' file for bulk exclusions.

Which file types does this scanner support?

The scanner supports Docker Compose (yml/yaml), Kubernetes manifests (yaml), and Terraform files (.tf, .tfvars).

Does it provide specific code to fix the issues?

Yes, every finding includes a detailed 'Fix' section with the exact code snippet needed to remediate the vulnerability.

How does it help with security compliance?

The scanner maps its detection rules to industry standards including CIS Docker Benchmark, CIS Kubernetes Benchmark, and OWASP categories.

Can this be integrated into my deployment pipeline?

Absolutely. It can be configured as a pre-write hook in Claude or as a standard step in GitHub Actions and other CI/CD tools.

Infrastructure Security Scanner

Name: Infrastructure Security Scanner
Author: cassao29

bycassao29

0•

Security & Testing

Scans infrastructure configuration files for security vulnerabilities and misconfigurations in Docker, Kubernetes, and Terraform.

This skill provides automated security auditing for modern infrastructure-as-code and container orchestration files. By analyzing Docker Compose, Kubernetes manifests, and Terraform scripts, it identifies critical risks such as public port bindings, privileged containers, and unencrypted storage. It goes beyond simple detection by providing detailed remediation guidance, risk explanations, and compliance mapping to CIS benchmarks and OWASP standards, ensuring your cloud infrastructure remains secure and compliant throughout the development lifecycle.

Key Features

01Pre-write hooks and CI/CD integration for automated security gates

020 GitHub stars

03Severity-based reporting with Critical, Medium, and Low risk classifications

04Compliance mapping to CIS Benchmarks and OWASP security standards

05Detailed remediation guidance with specific code fixes for every finding

06Multi-platform scanning for Docker Compose, Kubernetes, and Terraform files

Use Cases

01Enforcing infrastructure-as-code (IaC) best practices across a development team

02Auditing local configuration files before committing code to a repository

03Automating security checks within a CI/CD pipeline to block vulnerable deployments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add cassao29/claude-secure-plugins security-scanner

For use in Claude.ai and ChatGPT

Download Skill