ReddRadar
Agent skill
security-detection
Detect infrastructure and security-critical file changes to trigger security agent review recommendations ensuring proper security oversight for sensitive modifications.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/security-detection
SKILL.md
Security Detection Utility
Purpose
Detect infrastructure and security-critical file changes to trigger security agent review recommendations.
Location
.claude/skills/security-detection/
Available Scripts
| Script | Language | Usage |
|---|---|---|
detect-infrastructure.ps1 |
PowerShell | Windows/Cross-platform |
detect_infrastructure.py |
Python 3 | Cross-platform |
Usage
PowerShell
# Analyze staged files
.\detect-infrastructure.ps1 -UseGitStaged
# Analyze specific files
.\detect-infrastructure.ps1 -ChangedFiles @(".github/workflows/ci.yml", "src/auth/login.cs")
Python
# Analyze staged files
python detect_infrastructure.py --git-staged
# Analyze specific files
python detect_infrastructure.py .github/workflows/ci.yml src/auth/login.cs
Output
When security-critical files are detected:
=== Security Review Detection ===
CRITICAL: Security agent review REQUIRED
Matching files:
[CRITICAL] .github/workflows/deploy.yml
[HIGH] src/Controllers/AuthController.cs
Run security agent before implementation:
Task(subagent_type="security", prompt="Review infrastructure changes")
When no matches:
No infrastructure/security files detected.
Risk Levels
| Level | Meaning | Action |
|---|---|---|
| CRITICAL | Immediate security implications | Review REQUIRED |
| HIGH | Potential security impact | Review RECOMMENDED |
Detected Patterns
Critical (Review Required)
- CI/CD workflows (
.github/workflows/*) - Git hooks (
.githooks/*,.husky/*) - Authentication code (
**/Auth/**,**/Security/**) - Environment files (
*.env*) - Credentials and keys (
*.pem,*.key,*secret*)
High (Review Recommended)
- Build scripts (
build/**/*.ps1,scripts/**/*.sh) - Container configs (
Dockerfile*,docker-compose*) - API controllers (
**/Controllers/**) - App configuration (
appsettings*.json) - Infrastructure as Code (
*.tf,*.tfvars,*.bicep)
Integration
Pre-commit Hook
Add to .githooks/pre-commit:
# Security detection (non-blocking warning)
if command -v python3 &> /dev/null; then
python3 .claude/skills/security-detection/detect_infrastructure.py --git-staged
elif command -v pwsh &> /dev/null; then
pwsh -File .claude/skills/security-detection/detect-infrastructure.ps1 -UseGitStaged
fi
CI Integration
- name: Check security-critical files
run: python .claude/skills/security-detection/detect_infrastructure.py --git-staged
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Success (warning shown if matches found, non-blocking) |
The scripts are designed to be non-blocking warnings. They always exit 0 to avoid blocking commits or CI. The warning is informational only.
Customization
Edit the pattern lists in either script to add or modify detection patterns:
CRITICAL_PATTERNS/$CriticalPatterns- Review requiredHIGH_PATTERNS/$HighPatterns- Review recommended
Related Documents
- Infrastructure File Patterns
- Security Agent Capabilities
- Orchestrator Routing Algorithm
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?