How does this skill detect malicious code?

It analyzes source files and install scripts for patterns like hardcoded IPs, obfuscated strings, and unauthorized file access.

Can it check for typosquatting in dependencies?

Yes, it reviews dependency manifests like package.json or requirements.txt to identify misspelled package names or suspicious third-party sources.

What files does it analyze during a review?

It examines common installation files including shell scripts (.sh), setup.py, Makefiles, and package manager configurations (package.json, go.mod, etc.).

Does it identify data exfiltration attempts?

Yes, it specifically looks for network calls to non-official destinations and code that attempts to read sensitive files like SSH keys or browser data.

Is this a replacement for a professional security audit?

While thorough, it serves as a high-level automated review to flag red flags and should be used as part of a broader security workflow.

Repository Security Auditor

Name: Repository Security Auditor
Author: jbdamask

byjbdamask

•

Security & Testing

Performs comprehensive security audits on GitHub repositories to detect malicious code, data exfiltration, and suspicious dependencies before installation.

The Repository Security Auditor skill enables Claude to evaluate the safety of open-source projects by systematically analyzing installation scripts, source code, and project dependencies. It identifies high-risk red flags such as obfuscated code, unauthorized network calls to unknown hosts, sensitive file access (like SSH keys or AWS credentials), and typosquatted packages. By providing a structured report with a clear safety verdict, this skill helps developers and security researchers mitigate the risks of supply chain attacks and malicious software before any code is executed on their local machine.

Key Features

01Analyzes installation scripts for malicious shell commands and remote code execution.

02Scans dependency manifests for typosquatting, telemetry packages, and untrusted sources.

031 GitHub stars

04Identifies unauthorized network activity and data exfiltration patterns in source code.

05Detects obfuscated payloads, hidden file creation, and suspicious environment variable harvesting.

06Generates structured security assessments with clear safety status and recommendations.

Use Cases

01Verifying the safety of a new open-source tool before running an install script.

02Reviewing complex codebases for hardcoded IP addresses or suspicious outbound network calls.

03Auditing project dependencies for hidden tracking or telemetry packages.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jbdamask/john-claude-skills repo-security-review

For use in Claude.ai and ChatGPT

Download Skill