/security-scan                    # Full scan of current directory
/security-scan --scope src/       # Scan specific directory
/security-scan --quick            # Fast scan (critical issues only)
/security-scan --focus injection  # Focus on specific category

/security-scan

/security-scan --quick

/security-scan --focus <category>

[SEVERITY] CATEGORY: Brief description
  File: path/to/file.ext:line
  Pattern: What was detected
  Risk: Why this is dangerous
  Fix: How to remediate

SECURITY SCAN RESULTS
=====================

Scope: src/
Files scanned: 127
Duration: 45 seconds

FINDINGS BY SEVERITY
  Critical: 2
  High: 5
  Medium: 12
  Low: 8

TOP ISSUES
1. [!] SQL Injection in src/api/users.ts:45
2. [!] Hardcoded AWS key in src/config.ts:12
3. [H] XSS vulnerability in src/components/Comment.tsx:89
...

Run `/security-scan --details` for full report.

- String concatenation in queries
- Unsanitized user input in database calls
- Dynamic query construction

- innerHTML assignments with user data
- document.write() with dynamic content
- Unescaped template interpolation

- exec(), system(), popen() with user input
- Shell command string construction
- Unsanitized subprocess arguments

AWS Access Key:     AKIA[0-9A-Z]{16}
AWS Secret Key:     [A-Za-z0-9/+=]{40}
GitHub Token:       gh[pousr]_[A-Za-z0-9]{36,}
Stripe Key:         sk_live_[A-Za-z0-9]{24,}
Private Key:        -----BEGIN (RSA |EC )?PRIVATE KEY-----

Generic API Key:    api[_-]?key.*[=:]\s*['"][a-zA-Z0-9]{16,}
Password in Code:   password\s*[=:]\s*['"][^'"]+['"]
Connection String:  (mysql|postgres|mongodb)://[^:]+:[^@]+@

- MD5 for password hashing
- SHA1 for security purposes
- DES/3DES encryption
- RC4 stream cipher

- Hardcoded encryption keys
- Weak random number generation
- Missing salt in password hashing
- ECB mode encryption

/secrets-scan              # Dedicated secrets analysis
/secrets-scan --entropy    # High-entropy string detection

/dependency-scan           # Check all dependencies
/dependency-scan --fix     # Auto-fix where possible

/config-scan               # All config files
/config-scan --docker      # Container security
/config-scan --iac         # Infrastructure as Code

1. Identify project type (languages, frameworks)
2. Locate relevant files (source, config, dependencies)
3. Determine applicable security rules

1. Pattern matching for known vulnerabilities
2. Data flow analysis for injection paths
3. Configuration review

1. High-confidence pattern matching
2. Entropy analysis for potential secrets
3. Git history check (optional)

1. Parse package manifests
2. Check against vulnerability databases
3. Identify outdated packages

1. Deduplicate findings
2. Assign severity scores
3. Generate actionable report
4. Provide remediation guidance

# Scan configuration
scan:
  exclude:
    - "node_modules/**"
    - "vendor/**"
    - "**/*.test.ts"
    - "**/__mocks__/**"

# Severity thresholds
thresholds:
  fail_on: critical    # critical, high, medium, low
  warn_on: medium

# Category toggles
categories:
  injection: true
  secrets: true
  crypto: true
  auth: true
  config: true
  dependencies: true

# Custom patterns
patterns:
  secrets:
    - name: "Internal API Key"
      pattern: "INTERNAL_[A-Z]{3}_KEY_[a-zA-Z0-9]{32}"
      severity: high

# Ignore specific files
src/test/fixtures/mock-credentials.ts

# Ignore specific lines (use inline comment)
# security-scan-ignore: test fixture
const mockApiKey = "sk_test_fake123";