secure-at-inception
Installation
SKILL.md
Secure At Inception
Proactively scan all newly generated or modified code to prevent security vulnerabilities before they enter the codebase. Provides intelligent scanning decisions, caching, and filtering to focus only on NEW issues.
File Type → Scan Type Reference
| Scan Type | Trigger Files | MCP Tool |
|---|---|---|
| SAST (Code) | Source files: .js, .ts, .py, .java, .go, .rb, .php, .cs, .swift, .kt, .scala, .rs, .c, .cpp, .dart, and more |
snyk_code_scan |
| SCA (Dependencies) | Manifests: package.json, requirements.txt, pom.xml, build.gradle, Gemfile, go.mod, Cargo.toml, *.csproj, composer.json, and more |
snyk_sca_scan |
| IaC | Infrastructure: .tf, .tfvars, K8s YAML (with apiVersion/kind), template.json/.yaml, ARM JSON, serverless.yml |
snyk_iac_scan |
Skip: binary files, non-IaC JSON/YAML, documentation (.md, .txt, .rst), assets, test fixtures.