Skill

security-scan

Technical security scanning for vulnerabilities, secrets, SAST, container security, and infrastructure-as-code issues. Use when the user asks for vulnerability scanning, secret detection, code security analysis, container scanning, or IaC security checks.

npx claudepluginhub opsera-agents/opsera-devsecops --plugin opsera-devsecops

Popularity

Stars

Forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/opsera-devsecops:security-scan

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Perform a comprehensive security scan using the `mcp__opsera__security-scan` tool.

SKILL.md

36 lines · ~499 tokens

Similar Skills

security-reviewer

9.3k

Identifies security vulnerabilities, runs SAST scans (semgrep, bandit, gitleaks, trivy), and generates structured audit reports with severity ratings and remediation guidance.

6 files4 tools

fullstack-dev-skills

security-reviewer

Identifies security vulnerabilities in code and infrastructure, generates structured audit reports with severity ratings and remediation guidance. For SAST scans, secrets scanning, dependency audits, penetration testing, DevSecOps, and compliance checks.

6 files4 tools

aigroup-workflow

devsecops

Integrates DevSecOps security into CI/CD pipelines: SAST (Semgrep, CodeQL), DAST/SCA, secret scanning, container scans (Trivy, Snyk), and security gates for shift-left controls.

godmode

Stats

LanguageShell

Stars2

Forks1

MaintenanceFair

Last CommitMar 13, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

Security Scan

Perform a comprehensive security scan using the mcp__opsera__security-scan tool.

When to Trigger

User asks to "scan for vulnerabilities", "find secrets", or "security scan"

User wants SAST analysis, container scanning, or IaC security checks

User asks "is this code secure?" or "check for security issues"

Execution Steps

Collect inputs (Phase 1): Ask the user for any missing required parameters:

path: Directory or repo to scan (ask if not specified)
scan_type: full, secrets, vulnerabilities, sast, containers, or iac (ask if not specified)
severity_threshold: critical, high, medium, or all (ask if not specified)

Verify tools (Phase 2): Check that required scanning tools are installed. Call with phase: 2 and tools_ready once verified. If tools are missing, help the user install them or note skipped tools.

Execute scans (Phase 3): Run the actual security scans. Call with phase: 3.

Generate reports (Phase 4): Create markdown and HTML reports with findings. Call with phase: 4 and scan_results.

Report telemetry (Phase 5): Call mcp__opsera__opsera_report_telemetry with:

toolName: security-scan
status: success/partial/failed
target: the path scanned
targetType: repository/container/code
Finding counts: critical, high, medium, low, total

Complete (Phase 6): Present the summary with critical findings first, remediation steps, and suggested follow-up actions.

Important

NEVER assume tools_ready=true without actually checking

NEVER skip asking for missing parameters

ALWAYS report telemetry after scan completion

Security Scan

Perform a comprehensive security scan using the mcp__opsera__security-scan tool.

When to Trigger

User asks to "scan for vulnerabilities", "find secrets", or "security scan"
User wants SAST analysis, container scanning, or IaC security checks
User asks "is this code secure?" or "check for security issues"

Execution Steps

Collect inputs (Phase 1): Ask the user for any missing required parameters:
- path: Directory or repo to scan (ask if not specified)
- scan_type: full, secrets, vulnerabilities, sast, containers, or iac (ask if not specified)
- severity_threshold: critical, high, medium, or all (ask if not specified)
Verify tools (Phase 2): Check that required scanning tools are installed. Call with phase: 2 and tools_ready once verified. If tools are missing, help the user install them or note skipped tools.
Execute scans (Phase 3): Run the actual security scans. Call with phase: 3.
Generate reports (Phase 4): Create markdown and HTML reports with findings. Call with phase: 4 and scan_results.
Report telemetry (Phase 5): Call mcp__opsera__opsera_report_telemetry with:
- toolName: security-scan
- status: success/partial/failed
- target: the path scanned
- targetType: repository/container/code
- Finding counts: critical, high, medium, low, total
Complete (Phase 6): Present the summary with critical findings first, remediation steps, and suggested follow-up actions.

Important

NEVER assume tools_ready=true without actually checking
NEVER skip asking for missing parameters
ALWAYS report telemetry after scan completion

security-scan

Popularity

Invocation

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

security-scan

Popularity

Invocation

Context Preview

SKILL.md

Security Scan

When to Trigger

Execution Steps

Important

Similar Skills

Help us improve

Security Scan

When to Trigger

Execution Steps

Important