oma-deepsec
Installation
SKILL.md
Deepsec: Agent-Powered Vulnerability Scanner Driver
Scheduling
Goal
Operate Vercel's deepsec security scanner inside a target repository safely and cost-consciously: bootstrap the .deepsec/ workspace, write a tight INFO.md, run the right scan/process/triage/revalidate/export sequence, gate PRs in CI via process --diff, and grow project-specific matchers, surfacing real, revalidated findings without runaway spend.
Intent signature
- User mentions
deepsec, "deep security scan",bunx deepsec,pnpm deepsec,npx deepsec. - User asks an agent to scan a repository for vulnerabilities, security issues, or CVEs and the project has (or should have) a
.deepsec/directory. - User asks how to add a deepsec PR / CI security gate, or about
process --diff,--diff-staged,--diff-working,--files-from,--comment-out. - User mentions deepsec artefacts:
INFO.md,SETUP.md,data/<id>/files/,FileRecord,RunMeta,revalidation,triage, custom matchers,MatcherPlugin,noiseTier,priorityPaths. - User asks about deepsec configuration:
deepsec.config.ts,defaultAgent,AI_GATEWAY_API_KEY,VERCEL_OIDC_TOKEN, AI Gateway, Vercel Sandbox,--agent codex,--agent claude. - User asks how to lower deepsec cost, cut false-positive rate, or interpret severity / triage / revalidation verdicts.