From agi-super-team
Conducts security-focused code reviews to detect SQL injection, XSS, authentication flaws, and insecure dependencies. Activated by phrases like 'security scan' or 'audit'.
How this skill is triggered — by the user, by Claude, or both
Slash command
/agi-super-team:performing-security-code-review
This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
This skill provides automated assistance for security agent tasks.
This skill empowers Claude to act as a security expert, identifying and explaining potential vulnerabilities within code. It leverages the security-agent plugin to provide detailed security analysis, helping developers improve the security posture of their applications.
This skill activates when you need to:
User request: "Please review this database query code for SQL injection vulnerabilities."
The skill will:
User request: "Can you check this project's dependencies for known security vulnerabilities?"
The skill will:
This skill integrates with Claude's code understanding capabilities and leverages the security-agent plugin to provide specialized security analysis. It can be used in conjunction with other code analysis tools to provide a comprehensive assessment of code quality and security.
The skill produces structured output relevant to the task.
npx claudepluginhub aaaaqwq/agi-super-team --plugin agi-super-team
Scans codebases for vulnerabilities like SQL injection, XSS, auth flaws, insecure deps, and secrets using grep and bash. Generates severity-rated reports with file locations, explanations, and fixes.
Scans codebases for OWASP Top 10 vulnerabilities via static analysis: secret exposure, injection flaws, auth/authz gaps, supply-chain risks, misconfigurations, logging failures. Use before deployments, PR merges, auth/payment changes.
Performs systematic security code review for vulnerabilities including injection, XSS, authentication, authorization, and cryptography issues. Reports only high-confidence exploitable findings after tracing data flow and checking framework protections.