security
Installation
SKILL.md
Security Scan Patterns for Claude Code Plugins
Context-Aware File Classification
Before assigning severity to any finding, classify the file by its execution context:
| File Type | Examples | Can Execute? | Rule |
|---|---|---|---|
| Shell scripts | *.sh, *.bash |
Yes | Apply full severity table |
| Code files | *.py, *.js, *.mjs, *.ts |
Yes | Apply full severity table |
| Hook definitions | hooks/hooks.json |
Runs on every tool call | Apply full severity table |
| MCP configs | .mcp.json |
Yes (server launch) | Apply full severity table |
| Package manifests | package.json |
Via npm scripts | Apply full severity table |
| Documentation | *.md (SKILL.md, CLAUDE.md, README.md) |
No | Cap at Low — see rule below |
Documentation Files (*.md)
Patterns in .md files are instructional content, not executable code. A curl | bash in a README documents a user action the reader types manually — the plugin never runs it. Apply this rule universally: