Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة

devsecops-repo-analyzer

النجوم٢
التفرعات١
آخر تحديث١٣ أبريل ٢٠٢٦ في ٠١:٢٣

Performs end-to-end DevSecOps security analysis on any GitHub repository. Runs a 6-stage pipeline: repo ingestion and inventory, application context classification with STRIDE threat modeling, multi-tool vulnerability scanning (SAST, SCA via Trivy + Snyk + Grype, secrets, IaC), reachability and context analysis that assigns Real Risk Scores, remediation recommendations with optional GitHub PR generation, and a final structured assessment report. Use when the user asks to analyze a repo for security issues, run a DevSecOps assessment, threat model a codebase, check for vulnerabilities, or audit an open source project. Triggers include phrases like "analyze this repo", "security scan", "vulnerability assessment", "threat model this", "DevSecOps analysis", "audit this codebase", or "check this project for security issues".

التثبيت

التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.

مستكشف الملفات
8 ملفات
SKILL.md
readonly