From ruflo-security-audit
Run full security scans on the codebase using Ruflo security tools. Use when reviewing PRs for security regressions, auditing auth/input-handling code, before production deploys, or when the user asks for a security check at quick/standard/deep depth.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ruflo-security-audit:security-scan [depth: quick|standard|deep][depth: quick|standard|deep]This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run a security scan at the specified depth.
Run a security scan at the specified depth.
Via CLI:
npx @claude-flow/cli@latest security scan --depth DEPTH --output json
npx @claude-flow/cli@latest security cve --list
npx @claude-flow/cli@latest security threats --model stride --export md
| Depth | Checks |
|---|---|
| quick | Dependencies, known CVEs |
| standard | + Input validation, path traversal, secrets |
| deep | + Threat modeling, injection vectors, auth flows |
Store findings via MCP: mcp__claude-flow__memory_store({ key: "scan-findings", value: "SUMMARY", namespace: "security-findings" })
Train patterns: mcp__claude-flow__hooks_post-task({ taskId: "security-scan", success: true, storeResults: true })
npx claudepluginhub nikolaef43/ruflo --plugin ruflo-security-auditGuides creation and editing of skills using test-driven development with pressure scenarios and subagents to verify agent compliance.
4plugins reuse this skill
First indexed Jul 14, 2026