Agent-Skills.md

Agent Skills: Security Scanning

CI security scanning: secrets, deps, SAST, triage, expiring exceptions

universalID: bobmatnyc/claude-mpm-skills/security-scanning

Repository

bobmatnyc/claude-mpm-skills
bobmatnycLicense: MIT
112

Install this agent skill to your local

pnpm dlx add-skill https://github.com/bobmatnyc/claude-mpm-skills/tree/HEAD/universal/security/security-scanning

Skill Files

Browse the full folder contents for security-scanning.

Download Skill

Loading file tree…

universal/security/security-scanning/SKILL.md

Skill Metadata

Name
security-scanning
Description
"CI security scanning: secrets, deps, SAST, triage, expiring exceptions"

Security Scanning

Quick Start

  • Secrets: fail fast; rotate on exposure.
  • Dependencies: gate critical/high; automate updates.
  • SAST: start high-signal; ratchet over time.
  • Exceptions: require reason, owner, and expiry.

Load Next (References)

  • references/tooling-matrix.md
  • references/ci-workflows.md
  • references/triage-and-remediation.md
  • references/common-findings-and-fixes.md
  • references/supply-chain-and-sbom.md