sast-horusec

Description

Multi-language static application security testing using Horusec with support for 18+ programming languages and 20+ security analysis tools. Performs SAST scans, secret detection in git history, and provides vulnerability findings with severity classification. Use when: (1) Analyzing code for security vulnerabilities across multiple languages simultaneously, (2) Detecting exposed secrets and credentials in git history, (3) Integrating SAST into CI/CD pipelines for secure SDLC, (4) Performing comprehensive security analysis during development, (5) Managing false positives and prioritizing security findings.

Install

Add the repository(one-time)

/plugin marketplace add AgentSecOps/SecOpsAgentKit

Install the plugin

/plugin install appsec-skills@agent-sec-ops-kit-skills

Tool Access

This skill inherits all available tools. When active, it can use any tool Claude has access to.

Supporting Assets

View in Repository

assets/ci-config-template.yml

assets/rule-template.yaml

references/EXAMPLE.md

references/WORKFLOW_CHECKLIST.md

Links

GitHub Stats

0 forks

Similar Skills

attack-tree-construction

Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.

security-scanning

23.7k

sast-configuration

Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.

security-scanning

23.7k

security-requirement-extraction

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.

security-scanning

23.7k