Agent skill
security-scanning
CI security scanning: secrets, deps, SAST, triage, expiring exceptions
Install this agent skill to your Project
npx add-skill https://github.com/bobmatnyc/claude-mpm-skills/tree/main/universal/security/security-scanning
Metadata
Additional technical details for this skill
- author
- Claude MPM Team
- version
- 1.1.0
- category
- universal
SKILL.md
Security Scanning
Quick Start
- Secrets: fail fast; rotate on exposure.
- Dependencies: gate critical/high; automate updates.
- SAST: start high-signal; ratchet over time.
- Exceptions: require reason, owner, and expiry.
Load Next (References)
references/tooling-matrix.mdreferences/ci-workflows.mdreferences/triage-and-remediation.mdreferences/common-findings-and-fixes.mdreferences/supply-chain-and-sbom.md
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
bad-example-skill
ANTI-PATTERN - Example showing violations of self-containment (DO NOT COPY)
example-framework-skill
Example of a properly self-contained skill following all best practices
systematic-debugging
Systematic debugging methodology emphasizing root cause analysis over quick fixes
verification-before-completion
Run verification commands and confirm output before claiming success
Root Cause Tracing
Systematically trace bugs backward through call stack to find original trigger
Brainstorming Ideas Into Designs
Interactive idea refinement using Socratic method to develop fully-formed designs
Didn't find tool you were looking for?