security-scan
The security-scan command performs local vulnerability and secret detection using gitleaks and safety tools, then triggers a remote GitHub Actions security audit workflow. Use this before pushing code to verify dependencies are free of known vulnerabilities and no credentials are accidentally committed to version control.
mkdir -p ~/.claude/commands && curl -fsSL https://raw.githubusercontent.com/alirezarezvani/claude-code-skill-factory/HEAD/.claude/commands/security-scan.md -o ~/.claude/commands/security-scan.mdsecurity-scan.md
## Local Scan
1. Install tooling (first run): `pip install safety==3.2.4` and `brew install gitleaks` (or `go install github.com/zricethezav/gitleaks/v8@latest`).
2. Detect secrets: `gitleaks detect --verbose --redact`
3. Dependency audit (if `requirements*.txt` exists):
```bash
for f in $(ls **/requirements*.txt 2>/dev/null); do
safety check --full-report --file "$f"
done
```
4. Document results in the commit template.
## Trigger Remote Audit
```bash
gh workflow run security-audit.yml --ref $(git branch --show-current)
gh run watch --workflow "Security Audit (Claude)"
```
## Completion
- Ensure both local and remote scans are clean before pushing or merging.Interactive guide for building custom Claude Code Agents and subagents. Asks straightforward questions, generates enhanced YAML frontmatter with tools/model/color/field/expertise, creates agent .md files, validates format, and helps install to .claude/agents/ or ~/.claude/agents/. Use when user wants to build workflow specialist agents.
Main navigation guide for Claude Code Skills Factory. Use when user wants to build custom Skills, Prompts, or Agents. Orchestrates and delegates to specialized guide agents.
Interactive guide for building custom Claude Code hooks. Asks straightforward questions, uses hook-factory skill, generates complete hooks with validation, and provides installation instructions.
Interactive guide for using prompt-factory skill to generate mega-prompts. Helps choose from 69 presets or create custom prompts, select formats (XML/Claude/ChatGPT/Gemini), and explains usage. Use when user wants to generate production-ready prompts for any LLM.
Interactive guide for building custom Claude Skills. Asks straightforward questions, uses SKILLS_FACTORY_PROMPT template, generates complete skill files, validates format, creates ZIP, and helps install. Use when user wants to build multi-file skill capabilities.
Trigger the Commit & Branch Guard workflow on demand.
Stage working tree changes and create a Conventional Commit (no push).
Stage, commit, and push the current branch following git governance rules.