Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From fuse-security
Main security scanning orchestration. Detects language, runs OWASP Top 10 patterns, identifies vulnerabilities, generates structured reports. Use when scanning for XSS, SQL injection, command injection, secrets, or any security vulnerability.
npx claudepluginhub fusengine/agents --plugin fuse-securityHow this skill is triggered — by the user, by Claude, or both
Slash command
/fuse-security:security-scanThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Orchestrates the full security scanning workflow across all supported languages.
Scans codebases for vulnerabilities like SQL injection, XSS, auth flaws, insecure deps, and secrets using grep and bash. Generates severity-rated reports with file locations, explanations, and fixes.
Performs Static Application Security Testing (SAST) to detect vulnerabilities like SQL injection, XSS, hardcoded secrets, and path traversal in Python, JavaScript/TypeScript, Java, Ruby, PHP, Go, Rust codebases using Bandit, Semgrep, ESLint Security.
Share bugs, ideas, or general feedback.
Orchestrates the full security scanning workflow across all supported languages.
| Language | Marker Files | Pattern Count |
|---|---|---|
| JavaScript/TypeScript | package.json | 25+ |
| PHP | composer.json | 20+ |
| Python | requirements.txt, pyproject.toml | 18+ |
| Swift/iOS | Package.swift, *.xcodeproj | 15+ |
| Go | go.mod | 12+ |
| Rust | Cargo.toml | 10+ |
references/scan-patterns.mdscripts/security-scan.sh for automated scanningreferences/owasp-top10.mdreferences/templates/scan-report.mdAfter scanning, delegate fixes to sniper:
Agent(subagent_type="fuse-ai-pilot:sniper", prompt="Security fixes: [FILE:LINE] [VULN] [FIX]")