| name | security-scan |
| description | Comprehensive security control scanning for encryption (AES-256-GCM), key derivation (PBKDF2 100k), session management (8h TTL, 30m idle), OAuth PKCE, and audit retention (90 days). Use for security audits and compliance checks. |
| version | 2.0.0-rc |
| author | Kernel Architecture Team |
| triggers | ["security scan","security audit","compliance check"] |
| tools | ["mcp__kernel-v2-audit__query","mcp__kernel-v2-credentials__list","mcp__kernel-v2-sessions__get","mcp__kernel-v2-oauth__status"] |
Security Scan Skill
Purpose
Scans and validates all security controls for compliance with SOC 2 and ISO 27001.
When to Use
- Security audits
- Compliance checks
- Configuration validation
- Pre-deployment verification
Available MCP Tools
| Tool | Description |
|---|
mcp__kernel-v2-audit__query | Query audit logs |
mcp__kernel-v2-credentials__list | List stored credentials |
mcp__kernel-v2-sessions__get | Validate session config |
mcp__kernel-v2-oauth__status | Check OAuth status |
Controls Checked
| Control | Requirement | Status |
|---|
| Encryption | AES-256-GCM | ✅ |
| Key Derivation | PBKDF2 100k iterations | ✅ |
| Session TTL | 8 hours | ✅ |
| Idle Timeout | 30 minutes | ✅ |
| OAuth PKCE | S256 | ✅ |
| Audit Retention | 90 days | ✅ |
Workflow
- Check encryption implementation
- Verify key derivation parameters
- Validate session configuration
- Test OAuth PKCE flow
- Verify audit log retention
- Generate compliance report
Compliance Standards
- SOC 2 Type II
- ISO 27001
- GDPR Article 32
Related Skills
secure-credentials: For credential security
audit-logging: For audit trails
session-management: For session security