ワンクリックで
baseline
Create or update the project security baseline, profile, suppressions file, and gitignore entries for security scans
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Create or update the project security baseline, profile, suppressions file, and gitignore entries for security scans
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
| name | baseline |
| description | Create or update the project security baseline, profile, suppressions file, and gitignore entries for security scans |
| argument-hint | [--refresh] |
| disable-model-invocation | true |
| allowed-tools | ["Read","Write","Edit","Bash","AskUserQuestion"] |
Create the local project profile that helps /security:scan classify severity and keep scan artifacts out of git.
Run:
mkdir -p .security
"${CLAUDE_PLUGIN_ROOT}/scripts/recon.sh" . | tee .security/recon.json
"${CLAUDE_PLUGIN_ROOT}/scripts/detect-tools.sh" | tee .security/tools.json
Read .security/recon.json.
Ask concise questions when .security/profile.json does not exist or --refresh is passed:
Write .security/profile.json:
{
"version": 1,
"exposure": "public-internet|authenticated-public|internal|cli-library",
"severity_posture": "normal|strict",
"production_paths": ["src/", "app/"],
"test_paths": ["tests/", "fixtures/", "examples/"],
"sensitive_operations": ["auth", "admin", "file-upload"],
"notes": []
}
If .security/suppressions.json does not exist, write:
{
"version": 1,
"suppressions": []
}
Ensure .gitignore contains:
.security/artifacts/
.security/report.md
.security/triaged.json
.security/correlated.json
.security/recon.json
.security/tools.json
.security/changed-files.json
Keep .security/profile.json and .security/suppressions.json trackable by default because they are project policy, not scan output. If the user says suppressions should stay local, add .security/suppressions.json to .gitignore.
Report:
/security:scan --deep.Fix or guide remediation for a specific security finding from the latest scan report
Run a security assessment using deterministic static analysis tools with LLM-powered triage
Inspect and optionally install security scanning tools for the security plugin
Query ctx memory and inject results into context
Show ctx memory status (node counts, types, tiers, tokens)
MANDATORY persistent memory system for decisions, facts, patterns, and observations.