// Run a comprehensive security scan on a codebase using available security scanners (Semgrep, Bandit, Trivy, osv-scanner). Returns structured findings with severity, file location, and OWASP mapping.
| name | scan |
| description | Run a comprehensive security scan on a codebase using available security scanners (Semgrep, Bandit, Trivy, osv-scanner). Returns structured findings with severity, file location, and OWASP mapping. |
Run a multi-engine security scan on a target directory or repo and produce a structured vulnerability report.
{
"scan_id": "uuid",
"target": "path/or/url",
"timestamp": "ISO8601",
"summary": {
"critical": 0,
"high": 2,
"medium": 5,
"low": 12,
"total": 19
},
"findings": [
{
"id": "finding-uuid",
"engine": "semgrep",
"rule": "typescript.express.security.audit.xss",
"severity": "HIGH",
"file": "src/api/handler.ts",
"line": 42,
"title": "Cross-Site Scripting (XSS)",
"description": "User input rendered without sanitization",
"owasp": "A03:2021 Injection",
"fix_available": true,
"estimated_loc": 3
}
]
}
Debug a Kurtosis devnet that is not producing blocks. Iterates through logs → code correlation → fix → rebuild → retest until the chain advances.
Launch a team of 4 parallel agents to add depth across multiple packages. Each agent creates 2 source files + 2 test files in non-overlapping packages. All files build and pass tests before committing.
Reviews code changes for bugs, security issues, and quality problems
Checks if code changes require documentation updates
Generate a minimal security patch for a specific vulnerability finding. Produces a .patch file with the smallest code change needed to remediate the issue without altering unrelated logic.
Generate a comprehensive security report with executive summary, detailed findings, remediation roadmap, and compliance mapping. Supports markdown and HTML output.