What severity levels does the skill use for reporting?

Issues are classified as P1 (Critical/Immediate Action), P2 (Important/Should Fix Promptly), or P3 (Nice-to-Have/Security Enhancements) based on exploitability and impact.

Can it help fix the security issues it finds?

Yes, every identified issue includes a specific secure implementation example and a recommended fix to replace the vulnerable code snippet.

How does Security Sentinel identify vulnerabilities?

It analyzes your code against established security frameworks like the OWASP Top 10 and CWE to detect patterns related to injection, broken access control, and insecure data storage.

Does it detect hardcoded API keys and secrets?

Yes, the agent specifically scans for hardcoded secrets, passwords, and tokens, recommending the move to environment variables or secret management services.

Security Sentinel

Name: Security Sentinel
Author: jovermier

byjovermier

0•

Security & Testing

Performs comprehensive security audits and vulnerability assessments to identify OWASP risks and hardcoded secrets.

Security Sentinel is a specialized agent for Claude Code designed to identify and remediate security vulnerabilities throughout the development lifecycle. By applying the OWASP Top 10 framework, it systematically scans codebases for critical risks such as SQL injection, hardcoded credentials, and authentication failures, providing developers with actionable fix recommendations, detailed exploit vectors, and CWE-referenced documentation to ensure production-grade security.

Key Features

01Detailed reporting with severity levels (P1-P3) and secure code remediation examples

02Automated OWASP Top 10 vulnerability scanning and compliance checks

030 GitHub stars

04Detection of hardcoded secrets, API keys, and sensitive credentials

05Deep review of authentication, authorization, and session management logic

06Identification of injection vulnerabilities including SQL, XSS, and Command Injection

Use Cases

01Conducting automated pre-commit security reviews for new pull requests

02Ensuring compliance with OWASP security standards during the deployment phase

03Auditing legacy codebases for hidden vulnerabilities and outdated security patterns

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jovermier/claude-code-plugins-ip-labs security-sentinel

For use in Claude.ai and ChatGPT

Download Skill