安全扫描器 | 代码与基础设施漏洞扫描工具 | SAST & 安全审计

Security Scanner by jmsktm/claude-settings

2 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/jmsktm/claude-settings --skill 'Security Scanner'

自动化开发运维安全

🇨🇳中文介绍

安全扫描器

扫描代码和基础设施以发现安全漏洞。通过系统化的安全分析，在问题演变为安全漏洞之前识别问题。

核心工作流

工作流 1：代码安全扫描

SAST - 静态应用程序安全测试
依赖项检查 - 扫描易受攻击的依赖项
密钥检测 - 查找硬编码的凭据
OWASP 检查 - 对照 OWASP Top 10 进行审查
报告 - 生成发现结果报告

工作流 2：基础设施安全

配置审计 - 检查安全设置
网络扫描 - 识别暴露的服务
访问审查 - 审计权限和 IAM
合规性检查 - 对照标准进行验证
修复计划 - 确定优先级并修复问题

快速参考

操作	命令
扫描代码	"在 [repo] 上运行安全扫描"
检查依赖项	"扫描易受攻击的依赖项"
审计基础设施	"安全审计 [环境]"

每周安装次数

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

🇺🇸English

Security Scanner

Scan code and infrastructure for security vulnerabilities. Identify issues before they become breaches with systematic security analysis.

Core Workflows

Workflow 1: Code Security Scan

SAST - Static application security testing
Dependency Check - Scan for vulnerable dependencies
Secrets Detection - Find hardcoded credentials
OWASP Check - Review against OWASP Top 10
Report - Generate findings report

Workflow 2: Infrastructure Security

Configuration Audit - Check security settings
Network Scan - Identify exposed services
Access Review - Audit permissions and IAM
Compliance Check - Verify against standards
Remediation Plan - Prioritize and fix issues

Quick Reference

Action	Command
Scan code	"Run security scan on [repo]"
Check dependencies	"Scan for vulnerable dependencies"
Audit infrastructure	"Security audit [environment]"

Weekly Installs

–

Repository

jmsktm/claude-settings

GitHub Stars

First Seen

–

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass