Search Results: ci-cd-security

Found 18 Skills

Security & Compliancemukul975/anthropic-cybers...

performing-android-app-static-analysis-with-mobsf

Performs automated static analysis of Android applications using Mobile Security Framework (MobSF) to identify hardcoded secrets, insecure permissions, vulnerable components, weak cryptography, and code-level security flaws without executing the application. Use when assessing Android APK/AAB files for security vulnerabilities before deployment, during penetration testing, or as part of CI/CD security gates. Activates for requests involving Android static analysis, MobSF scanning, APK security assessment, or mobile application code review.

🇺🇸|EnglishTranslated

2 scripts/Checked

Security & Compliancewojons/skills

security-scan

Use when you need comprehensive security scanning across applications, infrastructure, and dependencies with LLM-based analysis

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Compliancesuperagent-ai/skills

ci-cd-security

Scan GitHub Actions workflow files for security vulnerabilities by reading the YAML and reporting findings directly — no external tools, no installation, no shell execution. Use this skill whenever the user shares a `.github/workflows/` file, pastes workflow YAML, asks for a CI/CD security review, mentions `pull_request_target`, `workflow_run`, action pinning, `GITHUB_TOKEN` permissions, pwn requests, template injection, cache poisoning, secret exfiltration, supply chain risk, or any GitHub Actions hardening topic. Also trigger when the user is hardening an OSS repo, doing a CI/CD red team assessment, evaluating a target for supply-chain scanning, or writing publicly about CI/CD security. Bias toward triggering this skill rather than answering from memory — CI/CD security defaults are wrong almost everywhere and the rules are unintuitive.

🇺🇸|EnglishTranslated

Security & Compliancevinnie357/claude-skills

security

Secret detection and credential scanning using gitleaks. Use when scanning repositories for leaked secrets, API keys, passwords, tokens, or implementing pre-commit security checks.

🇺🇸|EnglishTranslated

3 scripts/Attention

Security & Complianceel-feo/ai-context

brakeman

Static analysis security vulnerability scanner for Ruby on Rails applications. Use when analyzing Rails code for security issues, running security audits, reviewing code for vulnerabilities, setting up security scanning in CI/CD, managing security warnings, or investigating specific vulnerability types (SQL injection, XSS, command injection, etc.). Also use when configuring Brakeman, reducing false positives, or integrating with automated workflows.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Complianceancoleman/ai-design-compo...

managing-vulnerabilities

Implementing multi-layer security scanning (container, SAST, DAST, SCA, secrets), SBOM generation, and risk-based vulnerability prioritization in CI/CD pipelines. Use when building DevSecOps workflows, ensuring compliance, or establishing security gates for container deployments.

🇺🇸|EnglishTranslated

5 scripts/Attention