security-scanner
Installation
SKILL.md
Security Scanner Skill
Purpose
The Security Scanner Skill provides comprehensive security analysis for codebases, detecting vulnerabilities, exposed secrets, security misconfigurations, and compliance violations. It combines Static Application Security Testing (SAST), secret detection, OWASP Top 10 checks, container security, and Infrastructure as Code (IaC) validation.
Key Capabilities:
- Static Application Security Testing (SAST) for common vulnerabilities
- Secret and credential detection (API keys, passwords, tokens)
- OWASP Top 10 vulnerability scanning
- Container security (Dockerfile best practices, image vulnerabilities)
- Infrastructure as Code security (Terraform, CloudFormation, Kubernetes)
- Dependency vulnerability scanning
- Security compliance checking
Target Token Savings: 70% (from ~2500 tokens to ~750 tokens)