security-scanner

Installation
SKILL.md

Security Scanner Skill

Purpose

The Security Scanner Skill provides comprehensive security analysis for codebases, detecting vulnerabilities, exposed secrets, security misconfigurations, and compliance violations. It combines Static Application Security Testing (SAST), secret detection, OWASP Top 10 checks, container security, and Infrastructure as Code (IaC) validation.

Key Capabilities:

  • Static Application Security Testing (SAST) for common vulnerabilities
  • Secret and credential detection (API keys, passwords, tokens)
  • OWASP Top 10 vulnerability scanning
  • Container security (Dockerfile best practices, image vulnerabilities)
  • Infrastructure as Code security (Terraform, CloudFormation, Kubernetes)
  • Dependency vulnerability scanning
  • Security compliance checking

Target Token Savings: 70% (from ~2500 tokens to ~750 tokens)

When to Use

Installs
Repository
smithery/ai
First Seen
security-scanner — smithery/ai