
security-sweep

Scan codebase for security vulnerabilities, hardcoded secrets, injection flaws, misconfigurations, and attack surfaces. Use when user wants a security audit, vulnerability scan, or to find security issues.
Ksx9797/security-sweep-plugin · ★ 0 · Code & Development · score 78
Install: claude install-skill Ksx9797/security-sweep-plugin
# Security Sweep

Run a comprehensive security scan of the codebase. This skill identifies vulnerabilities, hardcoded secrets, injection flaws, misconfigurations, and attack surfaces across web and mobile applications.

## Arguments

- `$0` (optional): Scan scope, one of: `all`, `secrets`, `injection`, `auth`, `config`, `deps`, `ai`, `mobile`, `data`. Defaults to `all`.
- `$1` (optional): Path to scan. Defaults to the project root.

If `$ARGUMENTS` is empty, run a full `all` scan from the project root.

## Execution Plan

### Step 1: Tech Stack Detection

Before scanning, detect the project's tech stack by checking for indicator files. This determines which language-specific checks to run.

| Indicator File | Stack | Scan Focus |
|---|---|---|
| `package.json` | Node.js/JS/TS | npm patterns, XSS sinks, eval, child_process |
| `requirements.txt`, `pyproject.toml`, `setup.py`, `Pipfile` | Python | pickle, subprocess, Jinja2, Django/Flask patterns |
| `pom.xml`, `build.gradle`, `build.gradle.kts` | Java/Kotlin | JDBC injection, ObjectInputStream, Spring patterns |
| `Gemfile` | Ruby | Marshal, system(), ERB patterns |
| `go.mod` | Go | fmt.Sprintf in SQL, crypto patterns |
| `Cargo.toml` | Rust | unsafe blocks, FFI |
| `composer.json` | PHP | exec, unserialize, include with vars |
| `*.csproj` | .NET | BinaryFormatter, SqlCommand concat |
| `AndroidManifest.xml` | Android | exported components, cleartext, SharedPreferences |
| `Info.plist`, `*.xcodeproj`, `Podfile` | iOS | NSUs