Skill

security-scan

Scan code for security vulnerabilities using the SECURITY-CHECKLIST. Use when running 'security scan', 'vulnerability check', 'wheee vulns', or before deployment.

From wheee

Install

Run in your terminal

npx claudepluginhub skatekowski/wheee-plugin --plugin wheee

Tool Access

This skill is limited to using the following tools:

ReadGrepGlobBash

Supporting Assets

View in Repository

references/SECURITY-CHECKLIST.md

Skill Content

Similar Skills

skill-lookup

Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.

prompts.chat

157.5k

prompt-lookup

Searches prompts.chat for AI prompt templates by keyword or category, retrieves by ID with variable handling, and improves prompts via AI. Use for discovering or enhancing prompts.

prompts.chat

157.5k

agent-eval

Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.

ecc

140.3k

Stats

Stars1

Forks0

Last CommitFeb 25, 2026

Actions

View Source View Plugin View on GitHub View README

Process

Read references/SECURITY-CHECKLIST.md

Determine scope (changed files or full project)

Check each of the 14 security sections:

Input Validation & Sanitization
Authentication & Authorization
Session Management
Data Protection
API Security
Error Handling & Logging
Dependency Security
File Operations
Database Security
Configuration Security
Client-Side Security
Infrastructure
Business Logic
Compliance

For dependency vulnerabilities, run: npm audit / pip audit / cargo audit as appropriate

Report all findings with severity ratings

Output Format

## Security Scan Report ### Critical Vulnerabilities - [file:line] — [CVE/issue] — [remediation] ### High Risk - [file:line] — [issue] — [remediation] ### Medium Risk - [file:line] — [issue] — [suggestion] ### Dependency Audit - X vulnerabilities found (Y critical, Z high) ### Verdict: SECURE / VULNERABILITIES FOUND

Security Scan

Scan the project for security vulnerabilities against the SECURITY-CHECKLIST.

Process

Read references/SECURITY-CHECKLIST.md
Determine scope (changed files or full project)
Check each of the 14 security sections:
- Input Validation & Sanitization
- Authentication & Authorization
- Session Management
- Data Protection
- API Security
- Error Handling & Logging
- Dependency Security
- File Operations
- Database Security
- Configuration Security
- Client-Side Security
- Infrastructure
- Business Logic
- Compliance
For dependency vulnerabilities, run: npm audit / pip audit / cargo audit as appropriate
Report all findings with severity ratings

Output Format

## Security Scan Report

### Critical Vulnerabilities
- [file:line] — [CVE/issue] — [remediation]

### High Risk
- [file:line] — [issue] — [remediation]

### Medium Risk
- [file:line] — [issue] — [suggestion]

### Dependency Audit
- X vulnerabilities found (Y critical, Z high)

### Verdict: SECURE / VULNERABILITIES FOUND