Run any Skill in Manus with one click

Get Started

$pwd:

security-scan-diff

Name: Security Scan Diff
Author: dyoshikawa

// Scan for malicious code in git diff between a tag/commit and HEAD

Run Skill in Manus

$ git log --oneline --stat

stars:1,132

forks:121

updated:March 30, 2026 at 03:32

SKILL.md

readonly

name	security-scan-diff
description	Scan for malicious code in git diff between a tag/commit and HEAD
targets	["*"]

target_ref = $ARGUMENTS

If target_ref is not provided, ask the user which tag or commit to compare against HEAD.

Overview

Thoroughly check for malicious code in the diff between ${target_ref} and the latest commit (HEAD).

Steps

Verify the target ref exists and get the diff scope.
- Run git log ${target_ref}..HEAD --oneline to list commits.
- Run git diff ${target_ref}..HEAD --stat to get file change statistics.
- Categorize changed files into: CI/CD workflows, source code, and config/docs.
Execute the following security reviews in parallel using subagents:
- Call security-reviewer subagent to review CI/CD and workflow files (.github/, scripts/) for:
  - Secret exfiltration
  - Script injection (${{ github.event.* }} direct expansion in run:)
  - Suspicious external URLs/API connections
  - Privilege escalation or token misuse
  - Malicious command execution (curl | bash, eval, base64 decode execution)
  - Supply chain attack patterns (suspicious npm packages, unsigned action references)
  - Dangerous pull_request_target usage
- Call security-reviewer subagent to review source code files (src/) for:
  - Arbitrary code execution (eval, Function constructor, suspicious child_process usage)
  - Path traversal (../.. directory escape)
  - Command injection (user input passed directly to shell commands)
  - Suspicious external communication (fetch, http.request, axios to external URLs)
  - Unauthorized filesystem operations
  - Credential/token leakage (hardcoded tokens, logging sensitive values)
  - Dependency tampering (suspicious package.json changes)
  - Backdoor patterns (obfuscated code, suspicious conditionals, hidden functionality)
  - Prototype pollution and deserialization vulnerabilities
  - Supply chain attacks (suspicious new dependency packages)
- Call security-reviewer subagent to review config and documentation files for:
  - Suspicious dependencies or scripts in package.json
  - Suspicious registries or URLs in lockfiles
  - Security rule relaxation in config schemas or linter configs
  - Suspicious settings in devcontainer or editor configs
  - Phishing URLs in documentation
  - Malicious instructions in AI rule/subagent/skill definitions

Integrate the results from all subagents and produce a unified report in the following format:

## Security Review Report: ${target_ref} -> HEAD

### Conclusion
- Whether malicious code was detected or not

### Check Results Summary Table
| Check Item | Result |
|------------|--------|
| ... | ... |

### Findings (if any)
| Severity | Description | File | Risk |
|----------|-------------|------|------|
| ... | ... | ... | ... |

### Recommendations (if any)
- Actionable recommendations for each finding

### Positive Observations
- Good security practices found in the diff

related-skills.json

same repository

rulesync.md

from "dyoshikawa/rulesync"

Generates and syncs AI rule configuration files (.cursorrules, CLAUDE.md, copilot-instructions.md) across 20+ coding tools from a single source. Use when syncing AI rules, running rulesync commands, importing or generating rule files, or managing shared AI coding configurations.

2026-05-291.1k

rulesync-feature-research.md

from "dyoshikawa/rulesync"

Maps rulesync feature implementations to upstream coding-agent documentation. Use when evaluating rulesync issues, comparing any coding-agent client with rulesync source capability surfaces, checking support, or planning a client map.

2026-05-181.1k

skill-creator.md

from "dyoshikawa/rulesync"

Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.

2026-04-011.1k

draft-release.md

from "dyoshikawa/rulesync"

Draft a new release of the project.

2026-03-301.1k

create-issue.md

from "dyoshikawa/rulesync"

Create a GitHub issue with detailed description, purpose, and appropriate labels

2026-03-301.1k

release-dry-run.md

from "dyoshikawa/rulesync"

Dry run for release: summarize changes since last release and suggest version bump.

2026-03-301.1k

package.json

"author": "dyoshikawa"

"repository": "dyoshikawa/rulesync"

View GitHub Repository View Creator Repositories

$ install --global

$ download --local

Run Skill in Manus

$ useful --forSOC

Information Security AnalystsComputer and Mathematical Occupations15-1212L4

## Security Review Report: ${target_ref} -> HEAD ### Conclusion - Whether malicious code was detected or not ### Check Results Summary Table | Check Item | Result | |------------|--------| | ... | ... | ### Findings (if any) | Severity | Description | File | Risk | |----------|-------------|------|------| | ... | ... | ... | ... | ### Recommendations (if any) - Actionable recommendations for each finding ### Positive Observations - Good security practices found in the diff

security-scan-diff

Overview

Steps

More from this repository

More from this repository

Overview

Steps