Security Guardian

System for automated security auditing and credential protection.

Core Workflows

1. Secret Scanning

Scan specific project directories for hardcoded credentials.

• Tool: scripts/scan_secrets.py
• Usage: python3 $WORKSPACE/skills/security-guardian/scripts/scan_secrets.py <path_to_project>
• Workflow:
  1. Execute scan on a specific project or directory.
  2. If findings are reported (exit code 1):
     • Review the file and line number.
     • Transition: Move the secret to a secure vault (e.g., using the mema-vault skill).
     • Redact: Replace the plaintext secret in the source code with an environment variable or a vault lookup call.

2. Container Vulnerability Scan

Analyze Docker images for vulnerabilities prior to deployment.