security-scan

by affaan-m

The security-scan skill audits your Claude Code .claude/ configuration for secrets, risky MCP setup, injection-prone instructions, dangerous bypass flags, and weak agent or hook definitions using AgentShield. Use it for repeatable security checks before committing or onboarding.

Stars: 156.3k
Favorites: 0
Comments: 0
Added: Apr 15, 2026
Category: Security Audit
Install Command
npx skills add affaan-m/everything-claude-code --skill security-scan
Curation Score

This skill scores 78/100, which means it is a solid listing candidate for directory users who want a focused security audit of Claude Code configuration. It gives enough concrete workflow guidance to install with reasonable confidence, though users should note it depends on an external tool and could use tighter quick-start packaging.

Strengths
  • Clear activation scenarios for new projects, config changes, commits, onboarding, and periodic checks.
  • Specific scan coverage across CLAUDE.md, settings.json, mcp.json, hooks, and agents/*.md, which helps agents understand exactly what to inspect.
  • Practical usage guidance with AgentShield install/run commands and explicit security checks like secrets, injection patterns, risky MCP servers, and command injection.
Cautions
  • Requires AgentShield to be installed, so the skill is not fully self-contained.
  • No support files or install command are present, which may leave some setup and execution details to the user.
Overview of security-scan skill

What security-scan does

The security-scan skill audits a Claude Code project’s .claude/ configuration for security risks using AgentShield. It looks for secrets, risky MCP server setup, injection-prone instructions, dangerous bypass flags, and weak agent or hook definitions.

Who should install it

Use the security-scan skill if you maintain Claude Code configs, review AI agent setups, or need a repeatable security check before committing changes. It is most useful for repo owners, platform engineers, and anyone onboarding to an existing project with unknown .claude hygiene.

Why it matters in practice

A generic prompt can miss config-specific threats. This skill is aimed at the real job: quickly deciding whether a Claude Code setup is safe enough to trust, and identifying where the risk lives so you can fix it before it spreads.

How to Use security-scan skill

Install and confirm the toolchain

To install security-scan, add the skill from the directory’s repo path:
npx skills add affaan-m/everything-claude-code --skill security-scan

Then confirm AgentShield is available:
npx ecc-agentshield --version

If needed, install it globally with npm install -g ecc-agentshield, or run scans directly with npx:
npx ecc-agentshield scan .

Give the skill the right input

security-scan works best when you point it at a specific Claude Code workspace and describe the change you are reviewing. Strong input looks like: “Scan this repo’s .claude/ folder after the new MCP server and hook updates, and flag any secret exposure, injection paths, or overbroad tool access.”

Read the files in this order

Start with SKILL.md, then inspect CLAUDE.md, .claude/settings.json, mcp.json, hooks/, and agents/*.md. That order matches the scan surface and helps you map findings back to the exact config file instead of treating the output as a generic security report.

Use a review loop, not a one-off run

Run the scan before each commit, after config edits, and when onboarding to a repo. When using security-scan for a security audit, focus on whether each finding changes trust: secrets should be removed, risky commands should be narrowed, and any prompt-injection exposure should be rewritten as explicit constraints.

security-scan skill FAQ

Is security-scan only for Claude Code users?

Yes. This skill is built around Claude Code configuration in .claude/, not general application security scanning or source-code vulnerability hunting.

What makes it different from a normal prompt?

A normal prompt may ask for a security review, but security-scan encodes the exact surfaces to check: CLAUDE.md, settings, MCP servers, hooks, and agent files. That makes it better for repeatable reviews and less dependent on the model guessing what “security” means.

Is it beginner-friendly?

Yes, if you can identify the repo’s Claude Code config files. The main limitation is that it assumes you can act on findings like risky shell interpolation, permissive allow lists, or exposed secrets.

When should I not use it?

Do not use security-scan as a substitute for application vulnerability testing, dependency auditing, or secrets scanning across the whole codebase. It is best when the security question is specifically about Claude Code configuration.

How to Improve security-scan skill

Make the scan scope explicit

The best security-scan results come from naming the exact directory, branch, or config change. “Scan .claude/” is useful; “review my repo” is too broad and increases the chance of shallow findings.

Provide the change you fear most

Tell the skill what changed: a new MCP server, a modified hook, a new agent, or a settings tweak. That helps it weigh the most likely failure mode instead of reporting everything with the same priority.

Ask for decision-grade output

To get more out of security-scan, request findings in a fix-first format: file, risk, why it matters, and the smallest safe change. That reduces ambiguity and makes it easier to patch configs without overcorrecting.

Iterate after the first pass

After the first run, rescan only the files you changed. To get better results over time, treat each finding as a prompt to tighten allow lists, remove risky instructions, or simplify hooks before the next review.
