
pop-assessment-security

by jrc1883

AI-powered development workflow automation for Claude Code. Modular plugin suite with 23 commands, 38 skills, and 22 specialized agents for professional software development.

2🍴 0📅 Jan 24, 2026

SKILL.md


name: pop-assessment-security
description: "Validates PopKit security posture using concrete vulnerability patterns, automated secret scanning, and OWASP-aligned checklists"
context: fork
triggers:

  • assess security
  • security audit
  • vulnerability scan

version: 1.0.0

Security Assessment Skill

Purpose

Provides concrete, reproducible security assessment for PopKit plugins using:

  • Machine-readable vulnerability patterns
  • Automated secret and injection scanning
  • OWASP-aligned security checklists
  • Deterministic scoring

How to Use

Step 1: Run Automated Security Scan

python skills/pop-assessment-security/scripts/scan_secrets.py packages/plugin/
python skills/pop-assessment-security/scripts/scan_injection.py packages/plugin/
python skills/pop-assessment-security/scripts/calculate_risk.py packages/plugin/

Step 2: Apply Security Checklists

Read and apply checklists in order:

  1. checklists/secret-detection.json - Hardcoded credentials
  2. checklists/injection-patterns.json - Command/path injection
  3. checklists/owasp-alignment.json - OWASP Top 10 mapping

Step 3: Generate Report

Combine automated findings with checklist results for final security report.

Standards Reference

| Standard | File | Key Checks |
|---|---|---|
| Secret Detection | standards/secret-patterns.md | SD-001 through SD-010 |
| Injection Prevention | standards/injection-prevention.md | IP-001 through IP-008 |
| Access Control | standards/access-control.md | AC-001 through AC-006 |
| Input Validation | standards/input-validation.md | IV-001 through IV-008 |

Severity Classification

| Level | Score | Description | Action |
|---|---|---|---|
| Critical | 9-10 | Immediately exploitable | Block release |
| High | 7-8 | Likely exploitable | Must fix |
| Medium | 4-6 | Conditionally exploitable | Should fix |
| Low | 1-3 | Minor risk | Consider fixing |
| Info | 0 | Best practice | Optional |

Output

Returns JSON with:

  • risk_score: 0-100 (higher = more risk)
  • vulnerabilities: List with severity, location, CWE
  • passed_checks: Security controls that passed
  • recommendations: Prioritized fix list
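
One way Step 3 could merge scanner findings with checklist results into the output shape listed above, using the bands from the Severity Classification table. This is an added example, not PopKit's own code: the input format, the sample findings, the file names and the `risk_score` formula are assumptions, since the page does not define them.

```python
import json

# Bands from the page's Severity Classification table: (min score, level, action).
BANDS = [(9, "Critical", "Block release"), (7, "High", "Must fix"),
         (4, "Medium", "Should fix"), (1, "Low", "Consider fixing"),
         (0, "Info", "Optional")]

def classify(score):
    """Map a 0-10 finding score to (level, action)."""
    if not 0 <= score <= 10:
        raise ValueError(f"score out of range: {score}")
    return next((level, action) for low, level, action in BANDS if score >= low)

def build_report(findings, checklist):
    """Merge scanner findings and checklist results into the skill's output shape."""
    # Two scanners may flag the same check at the same place: keep the worst score.
    worst = {}
    for f in findings:
        key = (f["id"], f["location"])
        if key not in worst or f["score"] > worst[key]["score"]:
            worst[key] = f
    ordered = sorted(worst.values(), key=lambda f: (-f["score"], f["location"]))
    vulns = [{"id": f["id"], "severity": classify(f["score"])[0], "score": f["score"],
              "location": f["location"], "cwe": f["cwe"]} for f in ordered]
    flagged = {f["id"] for f in ordered}
    return {
        # ASSUMPTION: the page gives no formula; the worst finding sets the score.
        "risk_score": 10 * max((f["score"] for f in ordered), default=0),
        "vulnerabilities": vulns,
        # A scanner hit overrides a checklist "pass" for the same check id.
        "passed_checks": sorted(c for c, ok in checklist.items() if ok and c not in flagged),
        "recommendations": [f"{classify(f['score'])[1]}: {f['id']} at {f['location']}"
                            for f in ordered if f["score"] > 0],
    }

# Constructed sample input (file names, scores and id-to-CWE pairings are illustrative).
SAMPLE_FINDINGS = [
    {"id": "IP-003", "score": 5, "location": "packages/plugin/example_b.py:40", "cwe": "CWE-78"},
    {"id": "SD-001", "score": 7, "location": "packages/plugin/example_a.py:12", "cwe": "CWE-798"},
    {"id": "SD-001", "score": 9, "location": "packages/plugin/example_a.py:12", "cwe": "CWE-798"},
]
SAMPLE_CHECKLIST = {"SD-001": True, "AC-001": True, "IV-002": False}

if __name__ == "__main__":
    print(json.dumps(build_report(SAMPLE_FINDINGS, SAMPLE_CHECKLIST), indent=2))
```

In the sample, `SD-001` is marked as passed in the checklist but flagged by a scanner, so it is dropped from `passed_checks` and leads the recommendations.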

Score

Total Score

75/100

Based on repository quality metrics

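| Criterion | Requirement | Points |
|---|---|---|
| SKILL.md | Includes a SKILL.md file | +20 |
| LICENSE | A license is set | +10 |
| Description | Has a description of 100 characters or more | +10 |
| Popularity | 100 or more GitHub stars | 0/15 |
| Recent activity | Updated within the last month | +10 |
| Forks | Forked 10 or more times | 0/5 |
| Issue management | Fewer than 50 open issues | +5 |
| Language | A programming language is set | +5 |
| Tags | One or more tags are set | +5 |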
