Security Scan Skill
Overview
Orchestrates the full security scanning workflow across all supported languages.
Supported Languages
| Language | Marker Files | Pattern Count |
|---|---|---|
| JavaScript/TypeScript | package.json | 25+ |
| PHP | composer.json | 20+ |
| Python | requirements.txt, pyproject.toml | 18+ |
| Swift/iOS | Package.swift, *.xcodeproj | 15+ |
| Go | go.mod | 12+ |
| Rust | Cargo.toml | 10+ |
Workflow
- Detect language from project markers
- Load patterns from references/scan-patterns.md
- Run scripts/security-scan.sh for automated scanning
- Map findings to OWASP categories via references/owasp-top10.md
- Generate report using references/templates/scan-report.md
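The first four workflow steps in miniature, as an added example that is not the skill's own scripts/security-scan.sh: marker-file detection taken from the table above, then a regex pass that emits findings in the `[FILE:LINE] [VULN] [FIX]` shape used in the Integration prompt. The three Python rules, their OWASP Top 10 2021 ids and the fix hints are constructed for illustration, since this page does not show the contents of references/scan-patterns.md or references/owasp-top10.md.

```python
import re
import tempfile
from pathlib import Path

# Marker files per language, copied from the Supported Languages table.
MARKERS = {
    "JavaScript/TypeScript": ["package.json"],
    "PHP": ["composer.json"],
    "Python": ["requirements.txt", "pyproject.toml"],
    "Swift/iOS": ["Package.swift", "*.xcodeproj"],
    "Go": ["go.mod"],
    "Rust": ["Cargo.toml"],
}
# Constructed sample rules: language -> (glob, [(regex, category, OWASP 2021 id, fix)])
RULES = {"Python": ("*.py", [
    (re.compile(r"\beval\s*\("), "Code Execution", "A03:2021", "use ast.literal_eval"),
    (re.compile(r"\bpickle\.loads?\s*\("), "Insecure Deserialization", "A08:2021", "use JSON"),
    (re.compile(r"\bhashlib\.(md5|sha1)\s*\("), "Weak Cryptography", "A02:2021", "use SHA-256"),
])}

def detect_languages(root):
    """Languages whose marker files exist directly under root."""
    return [lang for lang, globs in MARKERS.items()
            if any(any(Path(root).glob(g)) for g in globs)]

def scan(root):
    """Findings as '[FILE:LINE] [VULN / OWASP] [FIX]' for each detected language."""
    root, findings = Path(root), []
    for lang in (l for l in detect_languages(root) if l in RULES):
        glob, rules = RULES[lang]
        for path in sorted(p for p in root.rglob(glob) if p.is_file()):
            lines = path.read_text(errors="replace").splitlines()
            for no, line in enumerate(lines, 1):
                findings += [f"[{path.relative_to(root)}:{no}] [{vuln} / {owasp}] [{fix}]"
                             for rx, vuln, owasp, fix in rules if rx.search(line)]
    return findings

def demo():
    """Scan a constructed sample project written to a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "requirements.txt").write_text("flask\n")
        (root / "app.py").write_text("import ast, hashlib, pickle\n"
                                     "safe = ast.literal_eval(text)\n"
                                     "obj = pickle.loads(blob)\n"
                                     "tag = hashlib.md5(data).hexdigest()\n")
        return detect_languages(root), scan(root)

if __name__ == "__main__":
    print(demo())
```

Rules of this kind match call sites by name only, so each finding needs review before it is handed off as a fix.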
Pattern Categories
- XSS (Cross-Site Scripting)
- SQL Injection
- Command Injection
- Code Execution (eval, exec)
- SSRF (Server-Side Request Forgery)
- Weak Cryptography
- Hardcoded Secrets
- Insecure Deserialization
- Path Traversal / LFI / RFI
Integration
After scanning, delegate fixes to sniper:
Task(subagent_type: "fuse-ai-pilot:sniper")
Prompt: "Security fixes: [FILE:LINE] [VULN] [FIX]"
Repository: fusengine/agents