What security scanners are supported by this skill?

The skill supports popular security tools including Bandit for Python code analysis, Semgrep for general static analysis, and pip-audit or safety for dependency scanning.

Does this skill help with OWASP compliance?

Yes, it includes built-in guidance and checklists for the OWASP Top 10, helping developers mitigate risks like injection, broken access control, and sensitive data exposure.

How does this skill handle secret management?

It provides specific workflows for encrypting secrets and checking for leaked credentials in the codebase using tools like gitleaks during pre-commit checks.

When does the Security skill activate?

It auto-activates whenever security-related keywords are used, such as 'vulnerability', 'audit', 'encryption', 'OWASP', or when performing environment validations.

Security Compliance & Vulnerability Scanner

Name: Security Compliance & Vulnerability Scanner
Author: ByronWilliamsCPA

byByronWilliamsCPA

0•

Security & Testing

Automates security validation, vulnerability scanning, and compliance auditing to ensure secure software development cycles.

This skill empowers Claude to perform deep security audits by integrating industry-standard tools directly into the development workflow. It provides automated workflows for environment validation, GPG/SSH key management, and secret encryption, while leveraging scanners like Bandit, Semgrep, and pip-audit to identify code-level vulnerabilities and dependency risks. By incorporating OWASP Top 10 considerations and rigorous pre-commit checklists, it ensures that security is a first-class citizen from the first line of code to the final release.

Key Features

01Dependency auditing with pip-audit and safety check for known CVEs

02Secret encryption and management workflows to prevent data exposure

030 GitHub stars

04Automated vulnerability scanning using Bandit and Semgrep static analysis

05GPG and SSH environment validation for secure git signing

06OWASP Top 10 compliance checking and remediation guidance

Use Cases

01Conducting automated pre-commit security scans to catch vulnerabilities early

02Configuring and validating secure development environments and key signing

03Auditing project dependencies for security risks before a production release

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add byronwilliamscpa/template-sample security

For use in Claude.ai and ChatGPT

Download Skill