Is this skill only for security purposes?

While optimized for security audits and ASVS mapping, it is also highly useful for general project onboarding and understanding a new codebase's architecture.

Does it work with all programming languages?

It includes built-in detection strategies for TypeScript, JavaScript, Python, Go, Rust, Java, Ruby, PHP, and C#.

Where is the project context data stored?

The skill generates and reads from a .claude/project-context.json file within your repository's root directory for persistence.

How does the Project Context skill detect features?

It uses a combination of file globbing, package manifest analysis (like package.json, requirements.txt, or go.mod), and grep searches for specific library imports and middleware patterns.

Can I manually update the detected context?

Yes, you can manually edit the .claude/project-context.json file to add custom security notes, override project types, or correct misidentified frameworks.

Project Context Security Detector

Name: Project Context Security Detector
Author: Zate

byZate

0•

Security & Testing

Identifies a project's technology stack, architecture, and security-sensitive features to streamline audits and analysis.

The Project Context skill enables Claude to automatically map out a repository's architecture, including its programming languages, frameworks, and key functional modules like authentication or payment processing. By generating a standardized .claude/project-context.json file, it provides a structured foundation for security audits, allowing auditors to focus on relevant attack surfaces and apply framework-specific security patterns. It bridges the gap between raw source code and high-level architectural understanding, ensuring that security assessments are both comprehensive and context-aware.

Key Features

01Security-sensitive feature mapping for authentication, payments, and file uploads

020 GitHub stars

03Integration with ASVS (Application Security Verification Standard) domains

04Automated tech stack and framework detection across multiple languages

05Standardized JSON schema for cross-tool compatibility and persistence

06Intelligence-driven directory structure analysis and classification

Use Cases

01Setting up project-specific security rules and framework-aware linting

02Quickly onboarding to complex codebases by visualizing the tech stack and feature map

03Scoping a new security audit to identify relevant attack surfaces and domains

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zate/cc-plugins project-context

For use in Claude.ai and ChatGPT

Download Skill