security-scan
Installation
SKILL.md
Security Scanning
Perform comprehensive security scanning across your entire stack including applications, infrastructure, containers, dependencies, and cloud environments. This skill integrates LLM-based security analysis with industry-standard tools to identify vulnerabilities, misconfigurations, and security weaknesses.
When to use me
Use this skill when:
- You need a complete security assessment of your application and infrastructure
- You want to integrate multiple security scanning tools into a unified workflow
- You need LLM-powered analysis to identify complex security issues
- You're preparing for security audits or compliance certifications
- You want to establish baseline security scanning in CI/CD pipelines
- You need to scan across multiple environments (cloud, containers, infrastructure)
What I do
- LLM-based security analysis: Use AI to identify complex security patterns, business logic flaws, and novel vulnerabilities
- Integrated tool ecosystem: Orchestrate OWASP ZAP, Snyk, Trivy, Nessus, and other security scanners
- Multi-layer scanning: Application (SAST/DAST), infrastructure (IaC scanning), containers, dependencies, cloud configurations
- Vulnerability correlation: Correlate findings across different scanning tools to prioritize critical issues
- Compliance mapping: Map vulnerabilities to compliance frameworks (SOC 2, ISO 27001, HIPAA, GDPR)
- Remediation guidance: Provide specific, actionable remediation steps for each finding
- Risk scoring: Calculate risk scores based on CVSS, exploit availability, and business impact
Examples
# Run comprehensive security scan
./scripts/security-scan.sh --target https://app.example.com
# Scan Docker containers
./scripts/security-scan.sh --container myapp:latest
# Scan infrastructure as code
./scripts/security-scan.sh --iac terraform/
# Generate compliance report
./scripts/security-scan.sh --compliance soc2
# LLM-powered security analysis
./scripts/security-scan.sh --llm-analysis --context "Payment processing system"
Output format
Security Scan Report
─────────────────────────────────────
Scan Date: 2025-01-15T10:30:00Z
Target: https://app.example.com
Scan Duration: 2m 45s
CRITICAL FINDINGS (3):
────────────────────────
❌ SQL Injection in /api/users endpoint
Risk: Critical (CVSS 9.8)
Detection: OWASP ZAP + LLM analysis
Remediation: Use parameterized queries, implement input validation
Compliance Impact: PCI DSS 6.5.1, OWASP A1
❌ Hard-coded AWS credentials in config file
Risk: Critical (CVSS 8.9)
Detection: TruffleHog + LLM pattern matching
Remediation: Move to AWS Secrets Manager, rotate credentials
Compliance Impact: SOC 2 CC6.1, ISO 27001 A.9.4.1
❌ Unpatched vulnerability in nginx:1.18 (CVE-2021-23017)
Risk: Critical (CVSS 9.1)
Detection: Trivy container scan
Remediation: Upgrade to nginx 1.20+, apply security patches
Compliance Impact: PCI DSS 6.2, ISO 27001 A.12.6.1
HIGH FINDINGS (8):
───────────────────
⚠️ Missing Content Security Policy header
⚠️ Excessive permissions in IAM role (AdminAccess)
⚠️ Outdated OpenSSL library (CVE-2022-2068)
⚠️ Docker container running as root
⚠️ API endpoint without rate limiting
⚠️ Sensitive data in application logs
⚠️ Missing MFA for administrative access
⚠️ Unencrypted S3 bucket
MEDIUM/LOW FINDINGS (14):
──────────────────────────
ℹ️ Security headers missing (X-Frame-Options, X-Content-Type-Options)
ℹ️ Verbose error messages revealing system information
ℹ️ Session timeout too long (24 hours)
ℹ️ Cross-site request forgery (CSRF) protection missing
LLM SECURITY ANALYSIS:
──────────────────────
🔍 Business Logic Vulnerabilities:
• Payment amount manipulation possible in checkout flow
• Privilege escalation via IDOR in admin panel
• Race condition in inventory reservation system
🔍 Architectural Security Issues:
• Monolithic architecture increases attack surface
• Lack of network segmentation between tiers
• Insufficient logging for security events
🔍 Compliance Gaps:
• Missing data retention policy implementation
• Inadequate incident response procedures
• Insufficient employee security training documentation
SUMMARY:
────────
Total Findings: 25
Critical: 3 | High: 8 | Medium: 9 | Low: 5
Risk Score: 78/100 (High Risk)
Compliance Status: 65% compliant with SOC 2
RECOMMENDATIONS:
────────────────
1. IMMEDIATE ACTION: Fix 3 critical vulnerabilities within 24 hours
2. PRIORITY: Address 8 high-risk issues within 7 days
3. IMPROVEMENTS: Implement security controls for medium/low issues
4. ARCHITECTURAL: Consider microservices segmentation, zero-trust network
5. PROCESS: Establish security training program, incident response plan
Notes
- Integrates with existing CI/CD pipelines and security tools
- LLM analysis requires careful validation to avoid false positives
- Different scanning tools may have different licensing requirements
- Some scanners require authentication tokens or API keys
- Always validate findings before taking remediation actions
- Consider running scans during off-peak hours to minimize performance impact
- Regular scanning (daily/weekly) recommended for production systems
- Keep scanning tools updated to detect latest vulnerabilities
Related skills
More from wojons/skills
adversarial-thinking
Apply systematic adversarial thinking patterns including devil's advocate, assumption busting, red teaming, and white hat security approaches
45devils-advocate
Challenge ideas, assumptions, and decisions by playing devil's advocate to identify weaknesses and prevent groupthink
41redteam
Think and act like an attacker to identify security vulnerabilities, weaknesses, and penetration vectors through adversarial security testing
37code-migration
Guide framework and library migrations with incremental strategies, breaking change analysis, compatibility testing, and automated migration tools
34observability-logging
Use logs as part of comprehensive observability strategy including metrics, traces, alerts, and dashboards for system understanding and operational excellence
34gap-analysis
Identify discrepancies between documented requirements and actual implementation through systematic comparison and analysis
34