From ecc
Runs AgentShield security scan against agent, hook, MCP, permission, and secret surfaces, producing a prioritized remediation plan with severity counts and fix suggestions.
npx claudepluginhub affaan-m/ecc --plugin ecc
How this command is triggered (by the user, by Claude, or both): Slash command
/ecc:security-scan
- `/security-scan`: Runs AgentShield security scanning on the current project or a specified path, detecting hardcoded secrets, broad permissions, executable hooks, and unsafe MCP configurations. Produces a prioritized fix plan with severity ratings and optional auto-fix.
- `/scan`: Runs a multi-surface security scanner (SCA, secrets, authz, MCP, pipeline, logic, diff) with focused modes and supplementary output blocks. Exit codes convey severity.
- `/security-scan`: Scans a Claude Code plugin directory for security risks in executable artifacts (hooks, scripts, MCP configs, dependencies) and produces a pass/review/block recommendation.
- `/security-scan`: Scans codebase for vulnerabilities, hardcoded secrets, OWASP Top 10 compliance, and security best practices violations. Produces report with issues and fix recommendations.
- `/kasi-security`: Runs security audit on project codebase: detects stack (PHP/Node/Python/etc.), loads checklist, scans files for SQLi/XSS/CSRF/auth bypass/etc., outputs prioritized findings with confidence labels.
- `/security-scan`: Scans PostgreSQL and MySQL databases for 50+ OWASP security vulnerabilities, generates compliance reports, automated remediation scripts, and audit trails.
# Security Scan Command

Run AgentShield against the current project or a target path, then turn the findings into a prioritized remediation plan.

## Usage

`/security-scan [path] [--format text|json|markdown|html] [--min-severity low|medium|high|critical] [--fix]`

- `path` (optional): defaults to the current project. Use a `.claude/` path, a repo root, or a checked-in template directory.
- `--format`: output format. Use `json` for CI, `markdown` for handoffs, and `html` for standalone review reports.
- `--min-severity`: filters lower-priority findings.
- `--fix`: applies only AgentShield fixes explicitly marked as safe and auto-fixable.

Prefer the packaged scanner:
npx ecc-agentshield scan --path "${TARGET_PATH:-.}" --format text
For local AgentShield development, run from the AgentShield checkout:
npm run scan -- --path "${TARGET_PATH:-.}" --format text
Do not invent findings. Use AgentShield output as the source of truth and separate scanner facts from follow-up judgment.
If `--fix` is requested, state the planned edits before applying fixes.

Return:
Use AgentShield in GitHub Actions for enforced gates:
- uses: affaan-m/agentshield@v1
  with:
    path: "."
    min-severity: "medium"
    fail-on-findings: true
- `skills/security-scan/SKILL.md`
- `agents/security-reviewer.md`

$ARGUMENTS: