بنقرة واحدة
security-scan
Deep security analysis of codebase. Scans for secrets, vulnerabilities, and insecure patterns.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Deep security analysis of codebase. Scans for secrets, vulnerabilities, and insecure patterns.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Comprehensive pre-merge testing for CodeGeass. Tests PR changes FIRST, then runs regression tests on all CLI commands and Dashboard API endpoints.
Implement code from a GitHub issue specification. Explores codebase, researches docs, creates temporary implementation plan, then implements incrementally (small piece → test → commit → next). Cleans up plan file before PR.
Plan new features/integrations following SOLID principles. Analyzes codebase architecture, researches official documentation and best practices, designs extensible solution, and creates comprehensive GitHub issue with implementation blueprint.
Refactor monolithic code into clean, single-responsibility modules following SOLID principles
Release a new version to PyPI - updates version, changelog, commits, tags, and pushes
Comprehensive code review for PRs or recent changes. Checks correctness, security, performance, maintainability, and tests.
| name | security-scan |
| description | Deep security analysis of codebase. Scans for secrets, vulnerabilities, and insecure patterns. |
| context | fork |
| agent | Explore |
| allowed-tools | Read, Grep, Glob, Bash(git log *), Bash(pip-audit), Bash(npm audit), Bash(find * -name *) |
| disable-model-invocation | true |
Perform a comprehensive security scan on the codebase.
Search for exposed credentials:
- password=
- api_key=
- secret=
- token=
- private_key
- -----BEGIN.*PRIVATE KEY-----
- AKIA[A-Z0-9]{16} # AWS Access Key
- sk_live_ # Stripe
- ghp_ # GitHub Personal Token
Check for vulnerable dependencies:
pip-audit (Python) or npm audit (JS)Scan for:
Check for:
find . -name "package.json" -o -name "requirements.txt" -o -name "Gemfile" -o -name "go.mod" 2>/dev/null | head -10grep -r -l "password\|secret\|api_key\|token" --include="*.py" --include="*.js" --include="*.ts" --include="*.env*" 2>/dev/null | head -5Return a JSON security report:
{
"audit_summary": "Overall security assessment",
"risk_level": "low|medium|high|critical",
"findings": [
{
"id": "SEC-001",
"title": "Hardcoded API Key Found",
"severity": "critical",
"category": "secrets",
"file": "config/settings.py",
"line": 15,
"description": "AWS access key hardcoded in source file",
"evidence": "AWS_ACCESS_KEY = 'AKIA...'",
"remediation": "Move to environment variables or secrets manager",
"cwe": "CWE-798"
}
],
"recommendations": [
"Enable secret scanning in CI/CD",
"Implement dependency vulnerability scanning"
],
"dependencies_checked": true,
"files_scanned": 42
}
$ARGUMENTS