From ruflo-security-audit
Run full security scans on the codebase using Ruflo security tools. Use when reviewing PRs for security regressions, auditing auth/input-handling code, before production deploys, or when the user asks for a security check at quick/standard/deep depth.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ruflo-security-audit:security-scan [depth: quick|standard|deep][depth: quick|standard|deep]This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run a security scan at the specified depth.
Run a security scan at the specified depth.
Via CLI:
npx @claude-flow/cli@latest security scan --depth DEPTH --output json
npx @claude-flow/cli@latest security cve --list
npx @claude-flow/cli@latest security threats --model stride --export md
| Depth | Checks |
|---|---|
| quick | Dependencies, known CVEs |
| standard | + Input validation, path traversal, secrets |
| deep | + Threat modeling, injection vectors, auth flows |
Store findings via MCP: mcp__claude-flow__memory_store({ key: "scan-findings", value: "SUMMARY", namespace: "security-findings" })
Train patterns: mcp__claude-flow__hooks_post-task({ taskId: "security-scan", success: true, storeResults: true })
npx claudepluginhub hjain-spcg/claude-code-flow --plugin ruflo-security-auditGuides creation and editing of skills using test-driven development with pressure scenarios and subagents to verify agent compliance.
Manages knowledge base ingestion, sync, and retrieval across local files, MCP memory, vector stores, and Git repos. Use for saving, organizing, deduplicating, or searching knowledge.
6plugins reuse this skill
First indexed Jul 14, 2026