Stats
Actions
Available In
Tags
Plugin
cybersecurity
Conduct AI-powered cybersecurity code audits on your codebase using 8 parallel specialist agents that scan for OWASP Top 10 and CWE Top 25 vulnerabilities, leaked secrets, supply chain risks, IaC misconfigurations, MITRE ATT&CK threats, authentication flaws, AI-generated code issues, and compliance violations, with framework-aware false-positive suppression.
README
The most comprehensive AI-powered cybersecurity code review skill for Claude Code. Spawns 8 parallel specialist agents to audit your codebase across vulnerability detection, authorization verification, secret scanning, supply chain analysis, IaC security, threat intelligence (malware/C2/backdoor detection), AI-generated code patterns, and business logic flaws.
Complements GitHub Advanced Security by detecting what static tools architecturally cannot: missing security controls, business logic flaws, attack-path chaining, and obfuscated secrets — with zero configuration.
Installation
Manual (recommended)
git clone https://github.com/AgriciDaniel/claude-cybersecurity.git
cd claude-cybersecurity
bash install.sh
Plugin (Claude Code native)
claude plugin install cybersecurity
One-liner (convenience)
curl -fsSL https://raw.githubusercontent.com/AgriciDaniel/claude-cybersecurity/main/install.sh | bash
Demo
Quick Start
# Full security audit of current project
/cybersecurity
# Quick scan (entry points + auth + secrets + deps only)
/cybersecurity --scope quick
# Review only changed files (PR review mode)
/cybersecurity --scope diff
# Deep dive into one dimension
/cybersecurity --focus threat
# With compliance mapping
/cybersecurity --compliance pci
What It Does
Key Differentiators vs GitHub Advanced Security
| Capability | GHAS | This Skill |
|---|---|---|
| Business logic flaw detection | No | Yes |
| Authorization enforcement verification | Basic | Context-aware |
| Race condition detection | Very limited | Concurrency pattern analysis |
| Languages supported | 12 | 14 (pattern-based) + broader reasoning via LLM |
| IaC/Container/CI-CD scanning | No | Terraform, Docker, K8s, Actions |
| AI-generated code security | No | Specialized detection |
| Obfuscated secret detection | Regex only | Semantic context analysis |
| Threat intelligence (malware/C2) | No | MITRE ATT&CK mapped |
| Framework-aware false-positive suppression | No | 10 frameworks |
| Cost | $49/committer/month | Free (with Claude Code) |
Coverage
Scoring System
Architecture
File Structure
skills/cybersecurity/
├── SKILL.md (~990 lines — orchestrator)
├── references/
│ ├── vulnerability-taxonomy.md (25 CWE categories)
│ ├── scoring-rubric.md (formula + confidence system)
│ ├── threat-intelligence.md (MITRE ATT&CK patterns)
│ ├── compliance-matrix.md (5 frameworks)
│ ├── false-positive-suppression.md (10 frameworks)
│ ├── semgrep-patterns.md (8 detection patterns)
│ ├── report-template.md (output format + worked example)
│ ├── language-patterns/ (11 files)
│ └── iac-patterns/ (4 files)
Total: 23 files, 5,350 lines of security knowledge.
Requirements
- Claude Code (CLI, Desktop, or IDE extension)
- No other dependencies — zero configuration, works immediately
Uninstall
curl -fsSL https://raw.githubusercontent.com/AgriciDaniel/claude-cybersecurity/main/uninstall.sh | bash
Or manually:
rm -rf ~/.claude/skills/cybersecurity
Related Projects
- claude-seo — Comprehensive SEO analysis
- claude-blog — Full-lifecycle blog engine
- claude-ads — Paid advertising audit
License
MIT - AgriciDaniel 2026
Stats
Version1.0.0
Released
LanguageShell
Stars126
Forks30
Copy clicks2
MaintenanceExcellent
LicenseMIT
Last Commit
Added
Tags
Topics
Categories
