Can I integrate this into my CI/CD pipeline?

Yes, it provides structured scripts and GitHub Actions YAML templates to automate security validation during every push or pull request.

How does it handle AI-specific security?

It features specialized audits for AI architectures, including ReDoS detection in heuristic patterns and integrity checks for semantic models.

Does this skill support secret detection?

Yes, it integrates with tools like TruffleHog to scan your filesystem and git history for leaked secrets, credentials, and private keys.

Can I use this for OWASP compliance?

Absolutely. It includes specific checks and grep patterns for the OWASP Top 10, covering Broken Access Control, Injection, and Cryptographic Failures.

Is it compatible with Docker-based architectures?

Yes, the skill includes commands for scanning Docker images and verifying network isolation and container security within 11-service environments.

Security Audit Scanner

Name: Security Audit Scanner
Author: tbartel74

bytbartel74

•

Security & Testing

Automates comprehensive security audits, vulnerability scanning, and secret detection for complex multi-service architectures.

The Security Audit Scanner is a specialized skill for Claude Code designed to maintain high security standards in complex software architectures like Vigil Guard v2.0.0. It automates critical security tasks including OWASP Top 10 compliance checks, TruffleHog secret detection, and dependency vulnerability scanning for npm and pip. Specifically optimized for 3-branch service architectures, it validates internal service isolation, checks for ReDoS in regex patterns, and monitors for model poisoning or prompt injection risks, making it an essential tool for developers building secure AI-powered systems with robust CI/CD security pipelines.

Key Features

01Automated OWASP Top 10 compliance scanning and validation scripts

02Deep secret detection using TruffleHog integration for codebases and git history

03Multi-service vulnerability scanning for npm, pip, and Docker containers

04Advanced 3-branch architecture security for heuristics, semantic, and LLM services

05Ready-to-use CI/CD integration patterns for GitHub Actions

066 GitHub stars

Use Cases

01Conducting full security audits on complex multi-service applications before production deployment

02Identifying and remediating hardcoded secrets, credentials, or keys in the source code

03Validating the security isolation and access control of internal API endpoints and AI model services

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add tbartel74/vigil-code security-audit-scanner

For use in Claude.ai and ChatGPT

Download Skill