Run a comprehensive code and server security audit — SAST, dependency/SCA scanning, secret detection, and config review — using Bandit, Semgrep, Safety, and pip-audit with a prioritized findings report.
---
name: Geek-skills-security-audit
description: Comprehensive code and server security audit — SAST, dependency (SCA) checks, secret detection, and config review. Use for vulnerability scanning, code audits, CVE/dependency checks, and OWASP Top 10 review.
---
A staged security audit covering static analysis, dependencies, secrets, and configuration.
## Workflow
1. Detect the environment and tech stack, then run the dependency (SCA) check first, since it has the highest priority: vulnerable third-party libraries and known CVEs in the project's pinned or resolved versions.
2. Run static analysis (SAST) over the source for OWASP Top 10 issues like SQL injection, XSS, and SSRF.
3. Scan for hardcoded secrets (API keys, passwords, tokens) and audit security-relevant configuration.
4. Install the tooling with `pip install safety bandit semgrep pip-audit` (Safety and pip-audit overlap, but they query different advisory databases, so running both widens coverage), run `python3 scripts/full_scan.py /path/to/project` for a one-shot scan, then summarize the findings with a severity for each and concrete remediation steps (which version to upgrade to, which secret to rotate and move out of the source, which call to replace).
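The last step of the workflow, merging the tools' results into one prioritized list with remediation, is shown below together with a minimal regex-plus-entropy secret scan for step 3. This is an added example, not the skill's `scripts/full_scan.py` and not code from Bandit, pip-audit or the ClaudeSkills repository. The two JSON samples are constructed to mimic the shape of `bandit -f json` and `pip-audit -f json` output, the package `examplepkg`, the advisory id `EXAMPLE-VULN-0001` and the file paths are placeholders, and the ordering rule (dependency findings first, then secrets, then SAST, within each severity band) is an assumption that follows the priority the workflow states.

```python
"""Normalize Bandit (SAST), pip-audit (SCA) and a simple secret scan into one
prioritized findings list: dependency CVEs first, then secrets, then SAST,
within each severity band. Example code; samples below are constructed."""
import json
import math
import re
from collections import Counter

SEVERITY_RANK = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}
SOURCE_RANK = {"sca": 0, "secret": 1, "sast": 2}   # assumed workflow priority order

# --- Step 3: hardcoded-secret detection (regex + entropy) --------------------
SECRET_PATTERNS = {
    # AWS access key IDs have a fixed prefix and length.
    "aws_access_key_id": re.compile(r"\b(AKIA[0-9A-Z]{16})\b"),
    # A credential-like name assigned a quoted literal of 6+ characters.
    "keyword_assignment": re.compile(
        r"(?i)(password|passwd|secret|token|api[_-]?key)\s*[=:]\s*['\"]([^'\"]{6,})['\"]"),
}

def shannon_entropy(s: str) -> float:
    """Bits per character: random-looking tokens score high, words score low."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def scan_secrets(path: str, text: str, threshold: float = 3.5) -> list:
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, pat in SECRET_PATTERNS.items():
            m = pat.search(line)
            if not m:
                continue
            literal = m.groups()[-1]            # last group is the secret value
            high = name == "aws_access_key_id" or shannon_entropy(literal) >= threshold
            findings.append({"source": "secret", "severity": "HIGH" if high else "MEDIUM",
                             "location": f"{path}:{lineno}", "id": name,
                             "detail": f"possible hardcoded credential ({literal[:4]}...)",
                             "fix": "move to a secret store or env var and rotate the value"})
            break                               # one finding per line is enough for triage
    return findings

# --- Steps 1 and 2: parse each tool's JSON report ----------------------------
def parse_pip_audit(report_json: str) -> list:
    data = json.loads(report_json)
    # Accept either a bare dependency list or {"dependencies": [...]}.
    deps = data.get("dependencies", []) if isinstance(data, dict) else data
    findings = []
    for dep in deps:
        for v in dep.get("vulns", []):
            fix = ", ".join(v.get("fix_versions") or []) or "no fixed version published"
            findings.append({"source": "sca", "severity": "HIGH",   # assumed: known CVE = HIGH
                             "location": f'{dep["name"]}=={dep["version"]}',
                             "id": v["id"], "detail": v.get("description", ""),
                             "fix": f"upgrade to {fix}"})
    return findings

def parse_bandit(report_json: str) -> list:
    findings = []
    for r in json.loads(report_json)["results"]:
        findings.append({"source": "sast", "severity": r["issue_severity"].upper(),
                         "location": f'{r["filename"]}:{r["line_number"]}',
                         "id": r["test_id"], "detail": r["issue_text"],
                         "fix": f'see {r.get("more_info", "the Bandit docs for " + r["test_id"])}'})
    return findings

# --- Step 4: prioritize and render -------------------------------------------
def prioritize(findings: list) -> list:
    return sorted(findings, key=lambda f: (SEVERITY_RANK.get(f["severity"], 9),
                                           SOURCE_RANK[f["source"]], f["location"]))

def render(findings: list) -> str:
    lines = [f"{f['severity']:<6} {f['source']:<6} {f['id']:<20} {f['location']}  ->  {f['fix']}"
             for f in findings]
    counts = Counter(f["severity"] for f in findings)
    return "\n".join(lines + [f"total: {len(findings)} ({dict(counts)})"])

# Constructed samples mimicking the tools' JSON shape; not real scan output.
SAMPLE_PIP_AUDIT = json.dumps({"dependencies": [
    {"name": "examplepkg", "version": "1.0.0", "vulns": [
        {"id": "EXAMPLE-VULN-0001", "fix_versions": ["1.0.1"], "aliases": [],
         "description": "placeholder advisory for the example"}]},
    {"name": "cleanpkg", "version": "2.3.0", "vulns": []}], "fixes": []})
SAMPLE_BANDIT = json.dumps({"results": [
    {"filename": "app/db.py", "line_number": 42, "test_id": "B608", "issue_severity": "MEDIUM",
     "issue_confidence": "HIGH", "issue_text": "Possible SQL injection via string-based query."},
    {"filename": "app/util.py", "line_number": 7, "test_id": "B301", "issue_severity": "HIGH",
     "issue_confidence": "HIGH", "issue_text": "Pickle is unsafe on untrusted data."}]})
SAMPLE_SOURCE = '''import os
AWS_KEY = "AKIAIOSFODNN7EXAMPLE"   # AWS's documented example key ID
DB_PASSWORD = "hunter2"
SESSION_TOKEN = os.environ["SESSION_TOKEN"]   # read from env: not a finding
'''

def build_report() -> list:
    findings = (parse_pip_audit(SAMPLE_PIP_AUDIT) + parse_bandit(SAMPLE_BANDIT)
                + scan_secrets("app/settings.py", SAMPLE_SOURCE))
    return prioritize(findings)

if __name__ == "__main__":
    print(render(build_report()))
```

In a real run the two JSON strings come from `bandit -r /path/to/project -f json` and `pip-audit -f json`, and `scan_secrets` is applied to each source file; the keyword-assignment rule deliberately flags low-entropy values such as `"hunter2"` at MEDIUM, since a weak hardcoded password is still a finding.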
Full skill & source: https://github.com/staruhub/ClaudeSkills/tree/9ed9d5c2d1ded8d2b401bf3eac09168d62f44bbd/skills/Geek-skills-security-audit