Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From code-modernization
Scans legacy code for security vulnerabilities (OWASP, CWE, CVE, secrets, injection), ranks findings, and produces a reviewable remediation patch without modifying original files.
npx claudepluginhub minhthang1009/dotclaude --plugin code-modernizationHow this skill is triggered — by the user, by Claude, or both
Slash command
/code-modernization:modernize-harden <system-dir><system-dir>The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run a **security hardening pass** on `legacy/$1`: find vulnerabilities, rank
Creates p5.js generative art with seeded randomness, noise fields, and interactive parameter exploration. Use for algorithmic art, flow fields, or particle systems.
Share bugs, ideas, or general feedback.
Run a security hardening pass on legacy/$1: find vulnerabilities, rank
them, and produce a reviewable patch for the critical ones.
This command never edits legacy/ — it writes findings and a proposed patch
to analysis/$1/. The user reviews and applies (or not).
Spawn the security-auditor subagent:
"Adversarially audit legacy/$1 for security vulnerabilities. Cover what's relevant to the stack: injection (SQL/NoSQL/OS command/template), broken auth, sensitive data exposure, access control gaps, insecure deserialization, hardcoded secrets, vulnerable dependency versions, missing input validation, path traversal. For each finding return: CWE ID, severity (Critical/High/Med/Low), file:line, one-sentence exploit scenario, and recommended fix. Run any available SAST tooling (npm audit, pip-audit, OWASP dependency-check) and include its raw output."
Write analysis/$1/SECURITY_FINDINGS.md:
For each Critical and High finding, draft a minimal, targeted fix.
Do not edit legacy/ — write all fixes as a single unified diff to
analysis/$1/security_remediation.patch, with a comment line above each
hunk citing the finding ID it addresses (# SEC-001: parameterize the query).
Add a Remediation Log section to SECURITY_FINDINGS.md mapping each finding ID → one-line summary of the proposed fix and the patch hunk that implements it.
Spawn the security-auditor again to review the patch against the original code:
"Review analysis/$1/security_remediation.patch against legacy/$1. For each hunk: does it fully remediate the cited finding? Does it introduce new vulnerabilities or change behavior beyond the fix? Return one verdict per hunk: RESOLVES / PARTIAL / INTRODUCES-RISK, with a one-line reason."
Add a Patch Review section to SECURITY_FINDINGS.md with the verdicts. If any hunk is PARTIAL or INTRODUCES-RISK, revise the patch and re-review.
Tell the user the artifacts are ready:
analysis/$1/SECURITY_FINDINGS.md — findings, remediation log, patch reviewanalysis/$1/security_remediation.patch — review, then apply if appropriate
with git -C legacy/$1 apply ../../analysis/$1/security_remediation.patch/modernize-harden $1 after applying to confirm resolutionSuggest: glow -p analysis/$1/SECURITY_FINDINGS.md