Does it provide solutions for found vulnerabilities?

The skill generates a detailed report that includes the risk level, the specific file and line number, and recommended code fixes or architectural changes.

What tools does Claude need to run this skill?

This skill utilizes the Read, Grep, Glob, and Bash tools to analyze source code and execute external security utilities.

Can it check for vulnerable third-party packages?

Yes, it uses Bash tools like npm audit, pip-audit, and cargo audit to identify and report vulnerabilities within your project dependencies.

Can this skill detect hardcoded API keys?

Yes, it specifically scans for patterns related to AWS, GitHub, Slack, and Stripe keys, as well as private keys and database connection strings.

What security standards does the scanner follow?

The scanner is built to identify risks associated with the OWASP Top 10, including injection, broken access control, and security misconfigurations.

Security Scanner

Name: Security Scanner
Author: Lordjiggy

byLordjiggy

•

Security & Testing

Performs comprehensive security audits to detect vulnerabilities, hardcoded secrets, and OWASP Top 10 risks within your codebase.

The Security Scanner skill transforms Claude into an automated security auditor, enabling it to scan source code for critical vulnerabilities such as SQL injection, XSS, and hardcoded API keys. By leveraging advanced pattern matching and integrated CLI tools like npm-audit, it generates detailed reports aligned with the OWASP Top 10 framework. This skill is essential for developers who want to implement security-first practices, providing not only detection but also actionable remediation steps and auto-fix suggestions to secure applications before deployment.

Key Features

01Automated detection of hardcoded secrets, API keys, and private tokens

02Actionable security reports with risk levels and auto-fix code suggestions

03Comprehensive dependency auditing using native package manager tools

04Deep scanning for SQL injection, XSS, and command injection vulnerabilities

05OWASP Top 10 compliance checks including access control and crypto failures

061 GitHub stars

Use Cases

01Conducting pre-commit security audits to prevent credential leakage

02Identifying and patching injection vulnerabilities in legacy codebases

03Auditing project dependencies for known security flaws and vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lordjiggy/claude-code-marketplace security

For use in Claude.ai and ChatGPT

Download Skill