Runs security scanners (semgrep, gosec, gitleaks) against your repo in three modes: a quick gate for pre-PR checks, a full gate for releases, and scheduled scans to catch drift. Outputs structured reports to a temp directory and blocks on high/critical findings. The execution contract is clear about what runs when, which is half the battle with security tooling that teams bolt on and then ignore. Pairs with a separate deps skill for vulnerability scanning. If you need a single command that actually stops bad code from shipping instead of generating noise in Slack, this is the wrapper you would otherwise write yourself; you can use this one instead.
npx skills add https://github.com/boshu2/agentops --skill security