
Agent: security-auditor Skills: security-testing

/security:scan - Quick Security Scan

Perform a quick security scan for common vulnerabilities.

Usage

/security:scan [path]
/security:scan                   # Scan current directory
/security:scan src/              # Scan specific directory
/security:scan --secrets-only    # Only check for secrets

Execution Steps

1. Tool Detection

SEMGREP=$(which semgrep 2>/dev/null)
GITLEAKS=$(which gitleaks 2>/dev/null)
TRIVY=$(which trivy 2>/dev/null)
# Report all three so the summary's {tools-used} field is complete
echo "Tools: semgrep=$([[ -n $SEMGREP ]] && echo 'yes' || echo 'no'), gitleaks=$([[ -n $GITLEAKS ]] && echo 'yes' || echo 'no'), trivy=$([[ -n $TRIVY ]] && echo 'yes' || echo 'no')"

2. Secret Detection (Priority 1)

# With gitleaks
gitleaks detect --source . --report-format json

# Fallback: grep patterns. The --include braces must stay unquoted so the shell
# expands them into one --include per extension; quoted, grep receives the
# literal "*.{js,...}" and matches no file.
grep -rE "(api[_-]?key|secret|password|token|aws_access).*['\"][a-zA-Z0-9]{16,}" \
  --include=*.{js,ts,py,json,yaml,yml,env,config} \
  --exclude-dir={node_modules,.git,dist,build} .

3. Injection Vulnerabilities (Priority 2)

# SQL Injection patterns. Single-quoted on purpose: inside double quotes the
# shell turns \$ into a bare $, which grep -E treats as an end-of-line anchor
# rather than the literal dollar sign of a template string.
grep -rE 'execute\(.*\+|query\(.*\$|\$\{.*\}.*SELECT' --include=*.{js,ts,py} .

# Command Injection patterns
grep -rE "exec\(|spawn\(|system\(" --include=*.{js,ts,py} .

4. XSS Vulnerabilities (Priority 3)

grep -rE "innerHTML|dangerouslySetInnerHTML|v-html|document\.write" \
  --include=*.{js,ts,jsx,tsx,vue} .

5. Dependency Check

# With trivy
trivy fs --scanners vuln .

# Fallback: check for known vulnerable packages. npm audit exits non-zero when
# it finds vulnerabilities, so chaining with || would wrongly fall through to
# yarn on a finding; choose the auditor from the lockfile instead.
if [ -f package-lock.json ]; then
  npm audit --json 2>/dev/null
elif [ -f yarn.lock ]; then
  yarn audit --json 2>/dev/null
fi
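The five steps above are one procedure. The script below is an added example, not code from the VibeRune page or from the `/security:scan` command itself: it wires step 1 and the grep fallbacks of steps 2-4 into functions that return finding counts, using the page's own patterns, extensions and excluded directories. It assumes a GNU or BSD grep (for `-r`, `--include` and `--exclude-dir`) and builds the `--include` flags itself so it runs under plain POSIX sh, where brace expansion is unavailable. The sample tree it scans is constructed here and contains no real code or credentials.

```shell
#!/bin/sh
# Added example, not code from the VibeRune page or the command itself: a
# runnable version of step 1 and the grep fallbacks of steps 2-4, with the
# same patterns, file extensions and excluded directories as the page.
# Assumes GNU or BSD grep (for -r, --include and --exclude-dir).

# Step 1: report which external scanners are on PATH.
detect_tools() {
  for t in semgrep gitleaks trivy; do
    if command -v "$t" >/dev/null 2>&1; then echo "$t=yes"; else echo "$t=no"; fi
  done
}

# Expand "js,ts,py" into "--include=*.js --include=*.ts --include=*.py".
# grep needs one --include per extension; a quoted "*.{js,ts,py}" is passed
# to grep literally and matches no file at all.
include_flags() {
  for ext in $(printf '%s' "$1" | tr ',' ' '); do
    printf -- '--include=*.%s ' "$ext"
  done
}

# Count lines matching ERE $1 under directory $2 in files with extensions $3,
# skipping vendored and build-output directories as the page does.
count_matches() {
  # word splitting of $(include_flags ...) is intended
  grep -rE "$1" $(include_flags "$3") \
    --exclude-dir=node_modules --exclude-dir=.git --exclude-dir=dist --exclude-dir=build \
    "$2" | wc -l | tr -d ' '
}

# The page's patterns. SECRET_RE uses double quotes only for the \" inside the
# bracket; the others are single-quoted so the shell leaves \$ alone.
SECRET_RE="(api[_-]?key|secret|password|token|aws_access).*['\"][a-zA-Z0-9]{16,}"
SQLI_RE='execute\(.*\+|query\(.*\$|\$\{.*\}.*SELECT'
CMDI_RE='exec\(|spawn\(|system\('
XSS_RE='innerHTML|dangerouslySetInnerHTML|v-html|document\.write'

scan_secrets() { count_matches "$SECRET_RE" "$1" js,ts,py,json,yaml,yml,env,config; }
scan_sqli()    { count_matches "$SQLI_RE"   "$1" js,ts,py; }
scan_cmdi()    { count_matches "$CMDI_RE"   "$1" js,ts,py; }
scan_xss()     { count_matches "$XSS_RE"    "$1" js,ts,jsx,tsx,vue; }

# Print the Summary rows of the page's output template for directory $1.
run_scan() {
  dir=${1:-.}
  echo "Tools: $(detect_tools | tr '\n' ' ')"
  echo "| Category     | Findings |"
  echo "| Secrets      | $(scan_secrets "$dir") |"
  echo "| Injection    | $(( $(scan_sqli "$dir") + $(scan_cmdi "$dir") )) |"
  echo "| XSS          | $(scan_xss "$dir") |"
}

# Constructed sample tree (not real code or credentials) that exercises every
# pattern once and checks that node_modules is skipped.
make_sample_tree() {
  d=$(mktemp -d)
  mkdir -p "$d/src" "$d/node_modules/pkg"
  printf 'api_key = "ABCDEFGHIJKLMNOPQRSTUV"\nport = 8080\n' > "$d/src/config.py"
  printf 'token = "ZZZZZZZZZZZZZZZZZZZZ"\n' > "$d/node_modules/pkg/index.js"   # must be skipped
  printf 'cursor.execute("SELECT * FROM t WHERE id=" + user_id)\n' > "$d/src/dao.py"
  cat > "$d/src/db.js" <<'EOF'
db.query(`SELECT * FROM users WHERE id=${id}`);
EOF
  printf 'exec("ls " + dir);\n' > "$d/src/run.js"
  printf 'el.innerHTML = userInput;\n' > "$d/src/view.jsx"
  echo "$d"
}

# Demo: scan the sample tree (replace with run_scan src/ for a real project).
SAMPLE=$(make_sample_tree)
run_scan "$SAMPLE"
rm -rf "$SAMPLE"
```

On the sample tree this reports one secret, two injection hits (the string-concatenated `execute(` in Python and the template-literal `query(` in JavaScript), and one XSS sink; the credential-looking line under `node_modules` is not counted. The counts are grep line matches, so each should be triaged against the severity table before it reaches the Critical Findings section.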

Agent Configuration

agent: security-auditor
skills:
  - security-testing
confirmation: none  # Scan is read-only

Output Template

## Quick Security Scan
- **Path**: {scanned-path}
- **Date**: {timestamp}
- **Tools**: {tools-used}

## Summary
| Category | Findings |
|----------|----------|
| Secrets | X |
| Injection | X |
| XSS | X |
| Dependencies | X |

## Critical Findings
[List any Critical/High severity items]

## Recommendations
1. [Priority actions]

Severity Guidelines

| Finding Type | Default Severity |
|--------------|------------------|
| Hardcoded secrets | Critical |
| SQL injection | Critical |
| Command injection | Critical |
| XSS (stored) | High |
| XSS (reflected) | Medium |
| Outdated dependencies (CVE) | Varies by CVSS |
