Agentic-Security is a powerful Claude Code plugin that automatically performs Application Security Testing (SAST, SCA, secrets detection, and more). Think of it as the easy button for making your Claude-generated code safe and secure.
CI/deploy security gates — CI workflow, pre-deploy gate, git hooks. Default generates a CI workflow.
Compliance + auditor flows. Framework attestation, walkthrough, buyer-facing badge, stack audits, PR augmentation.
Full /scan --all then /fix --all --low in one command. The vibecoder "just make it safe" path.
Remediate findings: --one <id>, --all by severity, --pr bundles a PR, --sca upgrades vulnerable deps.
Experimental + AI-driven. Self-audit, model rescan, rule synth, cross-repo, risk/time quantification.
Subagents that hold `Edit` MUST follow the same write-confinement contract
Safely apply dead-code cleanup batches identified by /trim-dead-code. Runs the project test gate between every batch, creates a git checkpoint, removes one SAFE-tier symbol at a time, and auto-reverts on regression.
Per-component CLEAN/SUSPICIOUS/MALICIOUS verdict for third-party dependencies. Use after /security-sca surfaces packages and you need to decide whether a vulnerability is malware vs. ordinary CVE.
Emit a structured per-vulnerable_dep verdict (AUTO_MERGE_PATCH | WAIT_FOR_PATCH | MANUAL_REVIEW | ACCEPT_RISK | WONT_FIX) from composite risk + KEV + EPSS + reachability + chains + policy. Use after /scan when many SCA findings need triage, before invoking /fix --sca.
Combine individual security findings into multi-step attack chains (e.g., IDOR + missing auth = account takeover). Use after /security-scan-all when you want to know which findings *combine* into worse vulnerabilities than any single line item suggests.
Walk through the six-step recipe for adding a new SAST detector — pick the module, export scan*(), wire, fixture, test.
Privacy review before handling user data. Activate on PII/PHI/PCI shapes (email, SSN, CC, MRN). Writes DATA_FLOW.md.
Refuse runtime code-eval on user input. Activate before writing eval(), Function(), or string→exec patterns.
Explain a CVE / GHSA / finding in plain English. Activate on CVE-id, GHSA-, or "what is this vuln" questions.
Apply a remediation patch via the deterministic MCP toolchain. Activate when user asks to fix a scanner finding.
Admin access level
Server config contains admin-level keywords
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Executes bash commands
Hook triggers when Bash tool is used
Executes bash commands
Hook triggers when Bash tool is used
Modifies files
Hook triggers on file write and edit operations
Modifies files
Hook triggers on file write and edit operations
Uses power tools
Uses Bash, Write, or Edit tools
Uses power tools
Uses Bash, Write, or Edit tools
Built by Clear Capabilities.
─────────────────────────────────────────────────────────────────
❌ Not safe to deploy · api-billing
─────────────────────────────────────────────────────────────────
3 critical · 8 high · 22 medium · 41 advisory
🔥 2 actively exploited in the wild (CISA KEV)
✓ 1 CONFIRMED (PoC built by /triage --validate)
[critical] SQL Injection api/users.ts:42
Could leak PII for ~5,000 users.
Estimated cost if exploited: $125k–$1.3M
Fix: use parameterized query — db.query('SELECT * FROM users WHERE id = ?', [id])
[critical] Hardcoded Stripe live key src/lib/billing.ts:7
Could enable fraudulent charges against your account.
Estimated cost if exploited: $50k–$500k (chargebacks + Stripe fees)
Fix: rotate via /agentic-security:fix --rotate-secret --auto, then move to env var
[critical] Missing webhook signature api/stripe-webhook.ts:12
Anyone can POST a fake "payment.succeeded" and unlock paid features.
Estimated cost if exploited: cost of a free subscription × every attacker
Fix: stripe.webhooks.constructEvent(rawBody, signature, endpointSecret)
How many do you want to fix?
1. Critical only (3 fixes)
2. Critical + High (11 fixes)
3. Critical + High + Medium (33 fixes)
─────────────────────────────────────────────────────────────────
No CVE jargon. The stakes, the cost, the fix.
In Claude Code (recommended) — two steps:
/plugin marketplace add https://github.com/Clear-Capabilities/agentic-security
/plugin install agentic-security@clearcapabilities
The first command registers the marketplace as a source; the second actually installs the plugin. Then restart Claude Code (or /reload-plugins). To update later: /plugin marketplace update clearcapabilities followed by /plugin install agentic-security@clearcapabilities.
In your terminal (no Claude Code required):
npx @clear-capabilities/agentic-security-scanner secure .
Also works with Codex, Cursor, and Gemini CLI — harness setup.

/agentic-security:secure — Router. Picks the single best next action from project state. Also: --tour, --help, --daily.
/agentic-security:find-and-fix-everything — One-shot scan + fix every severity in one command. The vibecoder "just make it safe" path.
/agentic-security:scan — Run the scanner. Modes: full / diff / watch / baseline / archaeology / scanner-meta.
/agentic-security:triage — Decide on findings. Modes: id / show / explain / validate / tournament / red-team / exploit / query.
/agentic-security:fix — Remediation. Modes: id / all / pr / sca / compliance / rotate-secret / vault / harden / trim / generate.
/agentic-security:posture — Posture + reporting. Modes: status / report-card / harness / trend / threat / playbook / mgmt.
/agentic-security:compliance — Compliance + auditor flows. Modes: report / walkthrough / attestation / audit / pr.
/agentic-security:supply — Supply chain. Modes: check / sbom / cve-alerts / license.
/agentic-security:setup — Workflow installers + guards. Modes: hooks / ci / bodyguard / destructive-guard.
/agentic-security:labs — Experimental + AI-driven. Modes: claude-audit / model-rescan / synthesize-rule / cross-repo / risk-dollars / time-to-fix / llm.
Every legacy capability is reachable as a mode of one of these dispatchers — run /secure --help for the full surface.
/compliance --report <framework> generates an auditor-ready attestation that scans your project against:
| Framework | <framework> | Coverage map |
|---|---|---|
| NIST AI 600-1 (2024) — Generative AI Profile | nist | coverage |
| OWASP ASVS 4.0.3 — Application Security Verification Standard | asvs | coverage |
| OWASP LLM Top 10 (2025) | llm | coverage |
| EU AI Act | eu-ai-act | scripts/eu-ai-act/ |
npx claudepluginhub securityphoenix/agentic-security --plugin agentic-securityComprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Harness-native ECC operator layer - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Upstash Context7 MCP server for up-to-date documentation lookup. Pull version-specific documentation and code examples directly from source repositories into your LLM context.
Consult multiple AI coding agents (Gemini, OpenAI, Grok, Perplexity, plus codex, antigravity, and grok CLIs when installed) to get diverse perspectives on coding problems
Evidence-gated AI coding workflow: scan → analyze → plan → TDD → execute → fix → verify → review, powered by Codebase Memory MCP >= 0.9.0 with optional Serena LSP intelligence. Includes blast-radius planning, test/cycle gates, independent review, and Windows Git Bash hook auto-resolution.
v9.52.0 - Reliability wave: tangle contextual review correction loop with hard round ceiling, progress-supervised review rounds (per-agent stall watch, descendant-tree kills), council diversity and agy pin fixes, marketplace generator source-of-truth fix, provider troubleshooting runbook and cost-expectations docs. Run /octo:setup.