Scans your Python code for common security issues like SQL injection, unsafe deserialization, and hardcoded secrets. Best used in CI pipelines or when you're auditing a legacy codebase before refactoring. Everything runs locally, so your code never leaves your machine. It expects standard Python project files like requirements.txt or pyproject.toml, and may choke on unusual project structures or very old Python versions. Not a replacement for proper security review, but catches the obvious stuff before it becomes a problem. Honestly, this is the kind of check you should be running automatically anyway.
npx skills add https://github.com/jorgealves/agent_skills --skill python-security-scanner