security-scanner
Originally from eddiebe147/claude-settings
Security Scanner
Proactive pre-deployment security assessment. SAST pattern matching, secrets detection, dependency scanning, OWASP/CWE mapping, and compliance heuristics.
Scope: Pre-deployment security audit only. NOT for code review (use honest-review), penetration testing, runtime security monitoring, or supply chain deep analysis.
Canonical Vocabulary
| Term | Definition |
|---|---|
| finding | A discrete security issue with severity, CWE mapping, confidence, and remediation |
| severity | CRITICAL / HIGH / MEDIUM / LOW / INFO classification per CVSS-aligned heuristics |
| confidence | Score 0.0-1.0 per finding; >=0.7 report, 0.3-0.7 flag as potential, <0.3 discard |
| CWE | Common Weakness Enumeration identifier mapping the finding to a known weakness class |
| OWASP | Open Web Application Security Project Top 10 category mapping |
| SAST | Static Application Security Testing — pattern-based source code analysis |
| secret | Hardcoded credential, API key, token, or private key detected in source |