From aikido
Runs Aikido security scans on generated, added, or modified code files to detect SAST vulnerabilities and exposed secrets, with automated fix-and-rescan loop.
How this skill is triggered — by the user, by Claude, or both
Slash command
/aikido:scan
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
When scanning the code for security vulnerabilities using the Aikido MCP server:
If the Aikido MCP server is not available or fails to start, inform the user:
The Aikido MCP server is required for security scanning but is not available. Install it following the setup guide at reference.md.
npx claudepluginhub aikidosec/aikido-claude-plugin --plugin aikido
Scans codebases for leaked secrets (API keys, tokens, passwords, private keys), insecure code patterns, and configuration issues. Returns severity-rated findings with file locations and remediation steps.
Scans codebases for OWASP Top 10 vulnerabilities via static analysis: secret exposure, injection flaws, auth/authz gaps, supply-chain risks, misconfigurations, logging failures. Use before deployments, PR merges, auth/payment changes.