By cooneycw
Run multi-layered security scans on Claude Code projects: fast native checks for secrets and misconfigurations, deep git-history secret scanning via gitleaks, dependency audits (pip-audit, npm audit), and risk-graded permission audits that classify tool calls into allow/ask/deny tiers.
Deep security scan (includes git history)
Explain a security finding in detail
Novice-friendly security scanning for Claude Code projects.
Risk-graded permission audit - wraps native /fewer-permission-prompts with allow/ask/deny tiers
Quick security scan (native only, fast)
CLAUDE.md management for Claude Code projects: /claude-md:lint checks for missing CI/CD, Docker, and troubleshooting directives.
Documentation and diagrams for Claude Code projects: /documentation:c4 renders C4 architecture diagrams (L1-L4) as GitHub-renderable Mermaid, /documentation:pptx builds PowerPoint decks with optional diagrams.
GitHub issue management from Claude Code: create, list, view, update, and close issues (/github:issue-create, issue-list, issue-view, issue-update, issue-close).
Codex CLI orchestration from Claude Code: /codex:ask read-only delegation, /codex:exec one-shot runs with JSONL monitoring, /codex:auto full issue lifecycle delegation, /codex:status readiness checks.
Project scaffolding: /project:init zero-to-GitHub-repo orchestration (repo creation, CLAUDE.md via the native /init, CI/CD wiring).
npx claudepluginhub cooneycw/claude-power-pack --plugin security
Scan codebase for exposed secrets, API keys, passwords, and sensitive credentials
Perform security audit on codebase
Agentic-Security is a powerful Claude Code plugin that automatically performs Application Security Testing (SAST, SCA, secrets detection, and more). Think of it as the easy button for making your Claude-generated code safe and secure.
Open-source cybersecurity analysis agent. Scans any local project for vulnerabilities: code security (SAST), dependency CVEs (SCA), secret leaks, authentication/authorization flaws, cryptographic weaknesses, misconfigurations, supply chain risks, and CI/CD security. Covers all OWASP 2025 Top 10 and CWE Top 25 categories. Generates prioritized reports with remediation guidance. Invoke with /cyber-neo [path].
Aikido Security for Claude Code: scan code (SAST, secrets, IaC) and list all issues from your Aikido feed powered by the Aikido MCP server.
Security scanning, dependency CVE audits, and exposure-aware risk prioritization.