Scans the codebase for security vulnerabilities using static analysis, dependency CVE checks, and configuration review. Produces a severity-categorized report with remediation steps.
How this command is triggered — by the user, by Claude, or both
Slash command
/vulnerability-scanner:scanThe summary Claude sees in its command listing — used to decide when to auto-load this command
# Vulnerability Scanner Perform comprehensive vulnerability scanning on the current codebase to identify security issues, CVEs, and potential attack vectors. ## Scan Process 1. **Code Analysis (SAST)** - Scan for common vulnerability patterns - Identify insecure code practices - Check for hardcoded secrets - Analyze authentication/authorization flaws 2. **Dependency Scanning** - Check npm/pip/composer dependencies for known CVEs - Identify outdated packages with security patches - Report transitive dependency vulnerabilities 3. **Configuration Review** - Analyze...
Perform comprehensive vulnerability scanning on the current codebase to identify security issues, CVEs, and potential attack vectors.
Code Analysis (SAST)
Dependency Scanning
Configuration Review
Report Generation
Generate a structured vulnerability report with:
14plugins reuse this command
First indexed Dec 31, 2025
Showing the 6 earliest of 14 plugins
npx claudepluginhub ia23a-lachnita/claude-code-plugins-plus-fix-skills --plugin vulnerability-scanner/scanScans the codebase for security vulnerabilities including SAST, dependency CVEs, and configuration issues. Produces a severity-categorized report with remediation steps.
/security-scanScans codebase for exposed secrets, dependency CVEs, and SAST issues like SQLi/XSS. Produces report with findings table, severities, and upgrade recommendations.
/security-checkScans the codebase for common vulnerability patterns, checks authentication, data handling, dependency security, and configuration, then reports findings with CVSS-based severity.
/securityScans code for exposed secrets and vulnerabilities via the github-autopilot MCP server, reporting risk level, severity, and fixes with redacted secrets.
/scanRuns a deterministic security scan combining native checks (secret patterns, file permissions, git tracking) with auto-detected external tools (gitleaks, pip-audit, npm audit).
/scanPerforms a comprehensive security audit — detects vulnerabilities, scans dependencies, checks OWASP Top 10, and generates a structured severity report. Also supports targeted scans (deps, headers, auth).