AgentSkillsCN

security-scan

扫描Claude Code配置文件(.claude/)中的安全漏洞。当用户说“/security-scan”、“审计我的配置”、“检查安全”或在提交.claude/更改之前使用。运行一个Bash脚本,检查硬编码的密钥、权限配置错误、钩子注入风险以及MCP相关问题。

SKILL.md
--- frontmatter
name: security-scan
description: Scan Claude Code configuration (.claude/) for security vulnerabilities. Use when the user says "/security-scan", "audit my config", "check security", or before committing .claude/ changes. Runs a bash script that checks for hardcoded secrets, permission misconfigs, hook injection risks, and MCP issues.
allowed-tools:
  - Bash
  - Read
  - Glob
  - Grep

Security Scan

审计 .claude/ 配置的安全性:secrets、permissions、hooks、MCP、agents。

Usage

Run the scan script against a target directory:

bash
~/.claude/skills/security-scan/scan.sh [path-to-claude-dir]

If no path is given, it scans the current project's .claude/ directory, falling back to ~/.claude/.

What It Checks

CategoryChecks
SecretsAPI keys, tokens, passwords hardcoded in CLAUDE.md, settings.json, mcp.json
PermissionsBash(*) wildcard, missing deny lists, dangerous commands in allow list
HooksCommand injection via ${var} interpolation, data exfil (curl/wget), silent error suppression
MCPHardcoded env secrets, npx -y auto-install, shell-running servers
AgentsUnrestricted Bash access, missing model spec, prompt injection surface

Severity Levels

  • CRITICAL — Fix immediately: hardcoded secrets, Bash(*) allow
  • HIGH — Fix before production: injection in hooks, missing deny lists
  • MEDIUM — Recommended: silent error suppression, npx -y in MCP
  • INFO — Awareness: missing descriptions, style suggestions

Grading

GradeScoreMeaning
A90-100Secure configuration
B75-89Minor issues
C60-74Needs attention
D40-59Significant risks
F0-39Critical vulnerabilities

Workflow

  1. Run scan.sh — get the report with findings and grade
  2. Review each finding — the script shows file, line, severity, and fix suggestion
  3. Apply fixes — edit the flagged files
  4. Re-run scan.sh — confirm grade improved

After the Scan

Based on findings, suggest concrete fixes:

  • Replace hardcoded secrets with env var references ($ENV_NAME)
  • Scope wildcard permissions (Bash(*) → specific commands)
  • Quote variables in hooks to prevent injection
  • Add deny lists for dangerous commands
  • Remove npx -y from MCP configs