security-scan-workflow

Description

Automated security scanning workflow using Semgrep MCP. Scans changed files for OWASP Top 10 vulnerabilities, CWE patterns, hardcoded secrets, and security misconfigurations. Returns prioritized findings with remediation guidance. Use when security validation is needed for code changes (invoked by security-engineer, code-quality-validator, or /audit command). Scans only changed files for efficiency (10-15s overhead).

Tool Access

Full access

Inherits all available tools

Supporting Files

0 files

Additional assets for this skill

Tool Access

This skill inherits all available tools. When active, it can use any tool Claude has access to.

Links

GitHub Stats

0 forks

Updated 1 day ago

Related Skills

Writing Hookify Rules

46.0K

This skill should be used when the user asks to "create a hookify rule", "write a hook rule", "configure hookify", "add a hookify rule", or needs guidance on hookify rule syntax and patterns.

From hookify

frontend-design

46.0K

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

From frontend-design

claude-opus-4-5-migration

46.0K

Migrate prompts and code from Claude Sonnet 4.0, Sonnet 4.5, or Opus 4.1 to Opus 4.5. Use when the user wants to update their codebase, prompts, or API calls to use Opus 4.5. Handles model string updates and prompt adjustments for known Opus 4.5 behavioral differences. Does NOT migrate Haiku 4.5.

From claude-opus-4-5-migration