From code-quality-orchestrator
Scans codebase for exposed secrets, dependency CVEs, and SAST issues like SQLi/XSS. Produces report with findings table, severities, and upgrade recommendations.
npx claudepluginhub markus41/claude
How this command is triggered: Slash command
/code-quality-orchestrator:security-scan
/scan: Scans current codebase for security vulnerabilities via SAST, dependency CVEs (npm/pip/composer), and config issues. Outputs structured report with severity ratings, findings, and remediation steps.
/audit: Audits project security: dependencies (npm/pip-audit), secrets (gitleaks), SAST (semgrep), OWASP Top 10; generates SECURITY_AUDIT.md, vulnerabilities.json, remediation-plan.md.
/security-scan: Scans code for hardcoded secrets, vulnerable dependencies, and common security issues (SQL injection, XSS, path traversal). Produces a categorized report with severity and remediation steps.
/audit: Performs security audit of codebase for dependency vulnerabilities, secrets, OWASP Top 10, input validation, auth issues, and misconfigs. Outputs findings report by severity with fixes and references.
/security-scan: Runs AgentShield security scan against agent, hook, MCP, permission, and secret surfaces, producing a prioritized remediation plan with severity counts and fix suggestions.
/security-scan: Scans PostgreSQL and MySQL databases for 50+ OWASP security vulnerabilities, generates compliance reports, automated remediation scripts, and audit trails.
# /security-scan

Deep security vulnerability and secret scanning.

## Usage

```
/security-scan [options]
```

## Options

| Option | Description | Default |
|--------|-------------|---------|
| `--deep` | Full deep scan (slower) | false |
| `--secrets` | Only scan for secrets | false |
| `--deps` | Only scan dependencies | false |
| `--sast` | Only run SAST analysis | false |
| `--severity=<level>` | Minimum severity | medium |
| `--fail-on=<level>` | Fail on severity | high |
| `--ignore=<pattern>` | Ignore paths | node_modules |
## Examples

```
# Standard security scan
/security-scan

# Deep scan with all checks
/security-scan --deep

# Only check for exposed secrets
/security-scan --secrets

# Fail only on critical issues
/security-scan --fail-on=critical

# CI mode
/security-scan --ci --severity=high --fail-on=high
```
```
🔒 SECURITY SCAN REPORT
═══════════════════════════════════════════════════════

Secrets Detection:          ✓ PASS (0 secrets found)
Dependency Vulnerabilities: ⚠ WARN (2 medium)
SAST Analysis:              ✓ PASS (0 critical issues)

Findings:
┌──────────┬──────┬─────────────────────────────────┐
│ Severity │ Type │ Description                     │
├──────────┼──────┼─────────────────────────────────┤
│ MEDIUM   │ CVE  │ lodash@4.17.19 - CVE-2021-23337 │
│ MEDIUM   │ CVE  │ axios@0.21.0 - CVE-2021-3749    │
└──────────┴──────┴─────────────────────────────────┘

Recommendations:
• Upgrade lodash to 4.17.21
• Upgrade axios to 0.21.4+
```