`npx claudepluginhub laurigates/claude-plugins --plugin configure-plugin`

This skill is limited to using the following tools:
Check and configure security scanning tools for dependency audits, SAST, and secret detection.
| Use this skill when... | Use another approach when... |
|---|---|
| Setting up dependency auditing, SAST, or secret detection for a project | Running a one-off security scan (use gitleaks detect or npm audit directly) |
| Checking project compliance with security scanning standards | Reviewing code for application-level vulnerabilities (use security-audit agent) |
| Configuring Dependabot, CodeQL, or TruffleHog in CI/CD | Managing GitHub repository security settings via the web UI |
| Creating or updating a SECURITY.md policy | Writing security documentation beyond the policy template |
| Auditing which security tools are missing from a project | Investigating a specific CVE or vulnerability |
```sh
# Project manifests (language detection)
find . -maxdepth 1 \( -name 'package.json' -o -name 'pyproject.toml' -o -name 'Cargo.toml' -o -name 'go.mod' \)
# Secret-detection configuration
find . -maxdepth 1 -name '.gitleaks.toml'
find . -maxdepth 1 -name '.pre-commit-config.yaml'
# GitHub Actions, Dependabot and CodeQL (-name matches the basename, so search inside .github)
find .github -maxdepth 1 -type d -name 'workflows'
find .github -maxdepth 1 -name 'dependabot.yml'
find .github/workflows -maxdepth 1 -name 'codeql*'
# Security policy
find . -maxdepth 1 -name 'SECURITY.md'
```
Security scanning layers:

Parse from command arguments:

- `--check-only`: Report status without offering fixes
- `--fix`: Apply all fixes automatically without prompting
- `--type <type>`: Focus on a specific security type (dependencies, sast, secrets, all)

Execute this security scanning configuration check:
Verify latest versions before configuring:
Use WebSearch or WebFetch to verify current versions.
Identify project languages and existing security tools:
| Indicator | Language/Tool | Security Tools |
|---|---|---|
| package.json | JavaScript/TypeScript | npm audit, Snyk |
| pyproject.toml | Python | pip-audit, safety, bandit |
| Cargo.toml | Rust | cargo-audit, cargo-deny |
| .gitleaks.toml | gitleaks | Secret scanning |
| .github/workflows/ | GitHub Actions | CodeQL, Dependabot |
Check existing security configuration across three areas:
Dependency Auditing:
SAST Scanning:
Secret Detection:
- .gitleaks.toml

Print a formatted compliance report showing status for each security component across dependency auditing, SAST scanning, secret detection, and security policies.
If --check-only is set, stop here.
For the compliance report format, see REFERENCE.md.
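The compliance check above, as an added shell example that is not part of the plugin: it detects the project language from the manifest files in the indicator table, tests for the configuration files the skill looks for, and prints a report that fails (exit 1) when any component is missing. The component names and the `[OK]`/`[MISSING]` layout are assumptions, since REFERENCE.md is not on this page.

```shell
#!/bin/sh
# Added example (not the plugin's own code). File names and globs are the
# ones the skill checks; component names and report layout are assumed.

# Language detection, mirroring the indicator table (manifest -> language).
detect_languages() {
  d=${1:-.}
  [ -f "$d/package.json" ]   && echo javascript
  [ -f "$d/pyproject.toml" ] && echo python
  [ -f "$d/Cargo.toml" ]     && echo rust
  [ -f "$d/go.mod" ]         && echo go
  return 0
}

# Print the name of every missing component, one per line (empty when compliant).
security_gaps() {
  d=${1:-.}
  # Dependency auditing: Dependabot, dependency-review workflow, or cargo-audit config.
  [ -f "$d/.github/dependabot.yml" ] || [ -f "$d/.github/workflows/dependency-review.yml" ] \
    || [ -f "$d/.cargo/audit.toml" ] || echo dependency_audit
  # SAST: any CodeQL workflow file (the unmatched glob makes ls fail).
  ls "$d"/.github/workflows/codeql* >/dev/null 2>&1 || echo sast
  # Secret detection: gitleaks config, or a pre-commit config that runs gitleaks.
  [ -f "$d/.gitleaks.toml" ] \
    || { [ -f "$d/.pre-commit-config.yaml" ] && grep -q gitleaks "$d/.pre-commit-config.yaml"; } \
    || echo secret_detection
  [ -f "$d/SECURITY.md" ] || echo policy
  [ -f "$d/.github/dependabot.yml" ] || echo dependabot
  return 0
}

# Formatted report; returns 1 when any component is missing, so CI can gate on it.
security_report() {
  d=${1:-.}
  echo "Languages: $(detect_languages "$d" | tr '\n' ' ')"
  gaps=$(security_gaps "$d")
  for c in dependency_audit sast secret_detection policy dependabot; do
    case " $(echo "$gaps" | tr '\n' ' ') " in
      *" $c "*) printf '  [MISSING] %s\n' "$c" ;;
      *)        printf '  [OK]      %s\n' "$c" ;;
    esac
  done
  [ -z "$gaps" ]
}
```

Run it from the project root as `security_report .`; a non-zero exit status is the equivalent of the skill's `--check-only` mode reporting gaps.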
Based on detected language:
JavaScript/TypeScript (npm/bun):
- package.json
- .github/dependabot.yml
- .github/workflows/dependency-review.yml

Python (pip-audit):
- `uv add --group dev pip-audit`

Rust (cargo-audit):
- `cargo install cargo-audit --locked`
- .cargo/audit.toml

For complete configuration templates, see REFERENCE.md.

SAST scanning (CodeQL, Bandit):
- .github/workflows/codeql.yml with detected languages
- `uv run bandit -r src/ -f json -o bandit-report.json`

For CodeQL workflow and Bandit configuration templates, see REFERENCE.md.

Secret detection (gitleaks, TruffleHog):
- `brew install gitleaks` (or `go install github.com/gitleaks/gitleaks/v8@latest`)
- .gitleaks.toml with project-specific allowlists
- `gitleaks detect --source .`
- .pre-commit-config.yaml

For gitleaks, TruffleHog, and CI workflow configuration templates, see REFERENCE.md.
Create SECURITY.md with:
For the SECURITY.md template, see REFERENCE.md.
Create comprehensive security workflow .github/workflows/security.yml with jobs for:
Schedule weekly scans in addition to push/PR triggers.
For the CI security workflow template, see REFERENCE.md.
Update .project-standards.yaml:

```yaml
components:
  security: "2025.1"
  security_dependency_audit: true
  security_sast: true
  security_secret_detection: true
  security_policy: true
  security_dependabot: true
```
Print a summary of all changes made across dependency auditing, SAST scanning, secret detection, security policy, and CI/CD integration. Include next steps for reviewing Dependabot PRs, CodeQL findings, and enabling private vulnerability reporting.
For the results report format, see REFERENCE.md.
| Context | Command |
|---|---|
| Quick compliance check | /configure:security --check-only |
| Auto-fix all security gaps | /configure:security --fix |
| Dependencies only | /configure:security --type dependencies |
| Secret detection only | /configure:security --type secrets |
| SAST scanning only | /configure:security --type sast |
| Verify secrets scan | gitleaks detect --source . --verbose |
| Flag | Description |
|---|---|
| --check-only | Report status without offering fixes |
| --fix | Apply all fixes automatically without prompting |
| --type <type> | Focus on a specific security type (dependencies, sast, secrets, all) |

Related commands:

- /configure:workflows - GitHub Actions workflow standards
- /configure:pre-commit - Pre-commit hook configuration
- /configure:all - Run all compliance checks