security-scan
The security-scan command automates a pre-push security verification workflow by checking for accidentally committed secrets using gitleaks and scanning Python dependencies for known vulnerabilities using the safety tool. Use this before committing code to catch security issues early and ensure clean dependency audits are documented in commit messages.
```bash
mkdir -p ~/.claude/commands && curl -fsSL https://raw.githubusercontent.com/alirezarezvani/claude-skills/HEAD/.claude/commands/security-scan.md -o ~/.claude/commands/security-scan.md
```
security-scan.md
1. Ensure dependencies are installed:
```bash
pip install safety==3.2.4
brew install gitleaks # or appropriate package manager
```
2. Scan for committed secrets:
```bash
gitleaks detect --verbose --redact
```
- Resolve any findings before continuing.
3. Audit Python dependencies (if requirements files exist):
```bash
# NUL-delimited so requirements paths containing spaces are not split.
find . -name "requirements*.txt" -print0 2>/dev/null |
  while IFS= read -r -d '' f; do
    safety check --full-report --file "$f"
  done
```
4. Record results in the commit template's Testing section.
5. After a clean pass, proceed with commit and push workflow.
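Steps 2 through 5 combined into one gate function, as an added example that is not part of the original command file. `run_security_scan`, `GITLEAKS_CMD` and `SAFETY_CMD` are hypothetical names introduced here; the scanner invocations are the ones shown in the steps above.

```bash
#!/usr/bin/env bash
# Added example: steps 2-4 as one gate. GITLEAKS_CMD and SAFETY_CMD are
# hypothetical override variables (not options of either tool).

# Usage: run_security_scan [repo-root]
# Prints one bullet per check on stdout (for the commit template's Testing
# section), sends scanner output to stderr, and returns 0 only if every
# check passed.
run_security_scan() {
  local root failed list f
  root="${1:-.}"
  failed=0
  list=$(mktemp) || return 2

  # Step 2: a non-zero exit means a finding or a scanner error; both block.
  if (cd "$root" && "${GITLEAKS_CMD:-gitleaks}" detect --verbose --redact) >&2; then
    echo "- gitleaks detect: PASS"
  else
    echo "- gitleaks detect: FAIL (resolve findings before continuing)"
    failed=1
  fi

  # Step 3: one audit per requirements file. Reading the list line by line
  # keeps paths with spaces intact; </dev/null stops the scanner from
  # consuming the list on stdin.
  find "$root" -name "requirements*.txt" 2>/dev/null | sort > "$list"
  while IFS= read -r f; do
    if "${SAFETY_CMD:-safety}" check --full-report --file "$f" >&2 </dev/null; then
      echo "- safety check $f: PASS"
    else
      echo "- safety check $f: FAIL"
      failed=1
    fi
  done < "$list"
  [ -s "$list" ] || echo "- safety check: SKIPPED (no requirements files)"
  rm -f "$list"

  # Step 5: callers proceed to commit and push only on a zero return.
  return "$failed"
}
```

Source the file and call `run_security_scan .` from the repository root; paste the bullets it prints into the Testing section and continue only if it returned 0.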