漏洞扫描工具与最佳实践：自动化安全检测、依赖项扫描与CI/CD集成指南

vulnerability-scanning by aj-geddes/useful-ai-prompts

161 周安装量

141 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill vulnerability-scanning

自动化开发运维安全

🇨🇳中文介绍

漏洞扫描

概述

使用自动化扫描工具和手动安全评估，系统地识别应用程序、依赖项和基础设施中的安全漏洞。

使用场景

部署前安全检查
持续安全监控
合规性审计（PCI-DSS、SOC 2）
依赖项漏洞检测
容器安全扫描
基础设施安全评估

快速开始

最小工作示例：

// scanner.js - Comprehensive vulnerability scanning
const { exec } = require("child_process");
const util = require("util");
const fs = require("fs").promises;

const execPromise = util.promisify(exec);

class VulnerabilityScanner {
  constructor() {
    this.results = {
      dependencies: [],
      code: [],
      docker: [],
      secrets: [],
    };
  }

  async scanDependencies() {
    console.log("Scanning dependencies with npm audit...");

    try {
      const { stdout } = await execPromise("npm audit --json");
      const auditResults = JSON.parse(stdout);

      for (const [name, advisory] of Object.entries(
// ... (see reference guides for full implementation)

参考指南

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

指南	内容
Node.js 漏洞扫描器	Node.js 漏洞扫描器
Python OWASP 扫描器	Python OWASP 扫描器
CI/CD 集成 - GitHub Actions	CI/CD 集成 - GitHub Actions

🇺🇸English

Vulnerability Scanning

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

Systematically identify security vulnerabilities in applications, dependencies, and infrastructure using automated scanning tools and manual security assessments.

When to Use

Pre-deployment security checks
Continuous security monitoring
Compliance audits (PCI-DSS, SOC 2)
Dependency vulnerability detection
Container security scanning
Infrastructure security assessment

Quick Start

Minimal working example:

// scanner.js - Comprehensive vulnerability scanning
const { exec } = require("child_process");
const util = require("util");
const fs = require("fs").promises;

const execPromise = util.promisify(exec);

class VulnerabilityScanner {
  constructor() {
    this.results = {
      dependencies: [],
      code: [],
      docker: [],
      secrets: [],
    };
  }

  async scanDependencies() {
    console.log("Scanning dependencies with npm audit...");

    try {
      const { stdout } = await execPromise("npm audit --json");
      const auditResults = JSON.parse(stdout);

      for (const [name, advisory] of Object.entries(
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
Node.js Vulnerability Scanner	Node.js Vulnerability Scanner
Python OWASP Scanner	Python OWASP Scanner
CI/CD Integration - GitHub Actions	CI/CD Integration - GitHub Actions

Best Practices

✅ DO

Automate scans in CI/CD
Scan dependencies regularly
Use multiple scanning tools
Set severity thresholds
Track vulnerability trends
Scan containers and images
Monitor CVE databases
Document false positives

❌ DON'T

Skip vulnerability scanning
Ignore low severity issues
Trust single scanning tool
Bypass security gates
Commit secrets to repos

Weekly Installs

133

Repository

aj-geddes/usefu…-prompts

GitHub Stars

121

First Seen

Jan 21, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykWarn

Installed on

opencode114

gemini-cli112

codex109

cursor103

claude-code100

github-copilot93