Scan code for security vulnerabilities and issues.
Scans code for security vulnerabilities and provides actionable fixes.
/plugin marketplace add marcel-Ngan/ai-dev-team/plugin install marcel-ngan-ai-dev-team@marcel-Ngan/ai-dev-teamScan code for security vulnerabilities and issues.
/security-scan [target] [--severity critical|high|medium|all]
Arguments:
target - File, directory, or "all" for full scan (default: current directory)--severity - Minimum severity to report (default: medium)/security-scan
/security-scan src/api/
/security-scan src/auth/login.ts --severity critical
/security-scan all --severity all
## Security Scan Results
**Target:** src/api/
**Scan Time:** 2024-01-15 10:30:00
**Files Scanned:** 45
### Critical (2)
#### SQL Injection - src/api/users.ts:42
```typescript
const query = `SELECT * FROM users WHERE id = ${userId}`;
Risk: User input directly interpolated into SQL query Fix: Use parameterized queries
const query = 'SELECT * FROM users WHERE id = ?';
db.query(query, [userId]);
...
| Severity | Count |
|---|---|
| Critical | 2 |
| High | 3 |
| Medium | 7 |
| Low | 12 |
Recommendation: Address critical and high issues before deployment.
## Skill Used
`security-vulnerability-scan`
## When to Use Agent Instead
Use the **Senior Developer** or **Software Architect** agent when:
- Remediation planning needed
- Architecture-level security review required
- Threat modeling wanted
/security-scanSecurity-focused code scan. Checks for hardcoded secrets, vulnerable dependencies, and common security issues.