Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic

devsecops-repo-analyzer

Étoiles2
Forks1
Mis à jour13 avril 2026 à 01:23

Performs end-to-end DevSecOps security analysis on any GitHub repository. Runs a 6-stage pipeline: repo ingestion and inventory, application context classification with STRIDE threat modeling, multi-tool vulnerability scanning (SAST, SCA via Trivy + Snyk + Grype, secrets, IaC), reachability and context analysis that assigns Real Risk Scores, remediation recommendations with optional GitHub PR generation, and a final structured assessment report. Use when the user asks to analyze a repo for security issues, run a DevSecOps assessment, threat model a codebase, check for vulnerabilities, or audit an open source project. Triggers include phrases like "analyze this repo", "security scan", "vulnerability assessment", "threat model this", "DevSecOps analysis", "audit this codebase", or "check this project for security issues".

Installation

Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.

Explorateur de fichiers
8 fichiers
SKILL.md
readonly