security-vuln-scanner

v1.0.0

扫描代码中常见安全漏洞如SQL注入、XSS、硬编码密码，提供检测结果和安全评分建议。

Sourced from ClawHub, Authored by HonestQiao

Installation

Please help me install the skill `security-vuln-scanner` from SkillHub official store. npx skills add HonestQiao/security-vuln-scanner

Security Vulnerability Scanner

扫描代码中的安全漏洞，提供修复建议。

功能

SQL 注入检测
XSS 跨站脚本检测
硬编码密码/密钥检测
不安全随机数检测
命令注入检测
敏感信息泄露检测
安全评分

触发词

"安全扫描"
"漏洞检测"
"security scan"
"vulnerability"

检测模式

const patterns = {
  sqlInjection: /querys*(s*['"`].*${/,
  xss: /innerHTMLs*=|document.write/,
  hardcodedSecret: /passwords*=s*['"][^'"]+['"]/,
  insecureRandom: /Math.random()/,
  commandInjection: /execs*(s*${/
};

输出示例

{
  "vulnerabilities": [
    {
      "type": "sql_injection",
      "line": 42,
      "severity": "high",
      "message": "检测到SQL注入风险"
    }
  ],
  "score": 65
}

Popularity

0 Stars

DLs

625

Installs

1

View Repository

AI Security

98

None

Audited by AI Guard