Slash Command · 260 repo stars · updated 16d ago
security-scan
The security-scan command performs pre-push security validation by checking for committed secrets using Gitleaks and auditing Python dependencies with Safety. Use this before pushing code to catch credential leaks and vulnerable packages in your project's requirements files.
Install in Claude Code
```bash
mkdir -p ~/.claude/commands && curl -fsSL https://raw.githubusercontent.com/borghei/Claude-Skills/HEAD/.claude/commands/security-scan.md -o ~/.claude/commands/security-scan.md
```
Then start a new Claude Code session; the slash command loads automatically.
Definition
security-scan.md
1. Ensure dependencies are installed:
```bash
pip install safety==3.2.4
brew install gitleaks # or appropriate package manager
```
2. Scan for committed secrets:
```bash
gitleaks detect --verbose --redact
```
- Resolve any findings before continuing.
3. Audit Python dependencies (if requirements files exist):
```bash
# Read paths line by line so file names containing spaces are not word-split
find . -name "requirements*.txt" 2>/dev/null | while IFS= read -r f; do
  safety check --full-report --file "$f" </dev/null
done
```
4. Record results in the commit template's Testing section.
5. After a clean pass, proceed with commit and push workflow.
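Steps 2 and 3 combined into one fail-closed check, as an added example that is not part of the original command definition. The function name `security_scan`, its exit-status convention and the pre-push hook wiring are assumptions made here.

```shell
#!/bin/sh
# Added example, not from the repository. Fail-closed gate for steps 2 and 3.
# Status: 0 = clean, 1 = findings or a scan error, 2 = a scanner is missing.

security_scan() (
  cd "${1:-.}" || exit 2
  rc=0

  # A missing scanner must never look like a clean pass.
  command -v gitleaks >/dev/null 2>&1 || { echo "gitleaks not found" >&2; exit 2; }

  # Step 2: gitleaks exits non-zero when it finds leaks or cannot finish.
  if ! gitleaks detect --verbose --redact; then
    echo "FAIL: gitleaks reported findings" >&2
    rc=1
  fi

  # Step 3: audit each requirements file; the loop body never runs if none exist.
  # read -r keeps spaces and backslashes in paths intact. The braces run in a
  # subshell, so the result is carried out through the pipeline's exit status.
  find . -name 'requirements*.txt' -type f 2>/dev/null | {
    st=0
    while IFS= read -r f; do
      command -v safety >/dev/null 2>&1 || { echo "safety not found" >&2; exit 2; }
      # stdin is redirected so safety cannot consume the file list.
      if ! safety check --full-report --file "$f" </dev/null; then
        echo "FAIL: safety flagged $f" >&2
        st=1
      fi
    done
    exit "$st"
  } || rc=$?

  exit "$rc"
)

# Runs on its own only when this file is installed as .git/hooks/pre-push.
case "${0##*/}" in
  pre-push) security_scan "$(git rev-parse --show-toplevel)"; exit $? ;;
esac
```

Saved as `.git/hooks/pre-push` and made executable, it blocks the push on any non-zero status, and a failing secrets scan does not skip the dependency audit.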