The security-scan skill audits Claude Code project configurations for vulnerabilities, misconfigurations, and injection risks by scanning the `.claude/` directory using AgentShield, checking files like CLAUDE.md, settings.json, MCP servers, hooks, and agent definitions. It's designed for developers and teams setting up new Claude Code projects or modifying existing configurations who need to identify and remediate security issues before deployment. This skill solves the problem of detecting hardcoded secrets, overly permissive access controls, prompt injection vectors, and command injection risks that could compromise Claude Code agent security.
npx skills add https://github.com/affaan-m/everything-claude-code --skill security-scan