From code-quality-orchestrator
Deep security vulnerability and secret scanning.
npx claudepluginhub markus41/claude --plugin code-quality-orchestrator

Scan types: Secret Detection - API keys (AWS, GCP, Azure, etc.) - D...
/security-scan: Scans PostgreSQL and MySQL databases for 50+ OWASP security vulnerabilities, generates compliance reports, automated remediation scripts, and audit trails.
/security-scan: Scans codebase for hardcoded secrets, vulnerable dependencies, code patterns like injections/XSS, and config issues. Produces structured report with issues, severities, and remediation steps.
/security-scan: Scans codebase for OWASP Top 10 vulnerabilities and common security patterns. Defaults to entire project or limits to specified path.
/security-scan: Performs deep security audit on .NET solution for vulnerable NuGet packages, secrets, OWASP Top 10 risks, auth/CORS config, data protection. Outputs structured report with severity-ranked findings and remediations.
/security-scan: Performs comprehensive security audit of project including OWASP Top 10, auth review, input validation, secrets, dependency scans, SQLi/XSS prevention, compliance checks, with remediation guidance.
```
/security-scan [options]
```
| Option | Description | Default |
|---|---|---|
| `--deep` | Full deep scan (slower) | false |
| `--secrets` | Only scan for secrets | false |
| `--deps` | Only scan dependencies | false |
| `--sast` | Only run SAST analysis | false |
| `--severity=<level>` | Minimum severity | medium |
| `--fail-on=<level>` | Fail on severity | high |
| `--ignore=<pattern>` | Ignore paths | node_modules |
```
# Standard security scan
/security-scan

# Deep scan with all checks
/security-scan --deep

# Only check for exposed secrets
/security-scan --secrets

# Fail only on critical issues
/security-scan --fail-on=critical

# CI mode
/security-scan --ci --severity=high --fail-on=high
```
```
SECURITY SCAN REPORT
═══════════════════════════════════════════════════════

Secrets Detection:           PASS (0 secrets found)
Dependency Vulnerabilities:  WARN (2 medium)
SAST Analysis:               PASS (0 critical issues)

Findings:
┌──────────┬──────┬─────────────────────────────────┐
│ Severity │ Type │ Description                     │
├──────────┼──────┼─────────────────────────────────┤
│ MEDIUM   │ CVE  │ lodash@4.17.19 - CVE-2021-23337 │
│ MEDIUM   │ CVE  │ axios@0.21.0 - CVE-2021-3749    │
└──────────┴──────┴─────────────────────────────────┘

Recommendations:
• Upgrade lodash to 4.17.21
• Upgrade axios to 0.21.4+
```