
security-detection
by rjmurillo
Multi-agent system for software development
Stars: 5 | Forks: 0 | Updated: Jan 24, 2026
SKILL.md
name: security-detection
description: Detect infrastructure and security-critical file changes to trigger security agent review recommendations ensuring proper security oversight for sensitive modifications.
license: MIT
metadata:
  version: 1.0.0
  model: claude-haiku-4-5
Security Detection Utility
Purpose
Detect infrastructure and security-critical file changes to trigger security agent review recommendations.
Location
.claude/skills/security-detection/
Available Scripts
| Script | Language | Usage |
|---|---|---|
| detect-infrastructure.ps1 | PowerShell | Windows/Cross-platform |
| detect_infrastructure.py | Python 3 | Cross-platform |
Usage
PowerShell
# Analyze staged files
.\detect-infrastructure.ps1 -UseGitStaged
# Analyze specific files
.\detect-infrastructure.ps1 -ChangedFiles @(".github/workflows/ci.yml", "src/auth/login.cs")
Python
# Analyze staged files
python detect_infrastructure.py --git-staged
# Analyze specific files
python detect_infrastructure.py .github/workflows/ci.yml src/auth/login.cs
Output
When security-critical files are detected:
=== Security Review Detection ===
CRITICAL: Security agent review REQUIRED
Matching files:
[CRITICAL] .github/workflows/deploy.yml
[HIGH] src/Controllers/AuthController.cs
Run security agent before implementation:
Task(subagent_type="security", prompt="Review infrastructure changes")
When no matches:
No infrastructure/security files detected.
Risk Levels
| Level | Meaning | Action |
|---|---|---|
| CRITICAL | Immediate security implications | Review REQUIRED |
| HIGH | Potential security impact | Review RECOMMENDED |
Detected Patterns
Critical (Review Required)
- CI/CD workflows (`.github/workflows/*`)
- Git hooks (`.githooks/*`, `.husky/*`)
- Authentication code (`**/Auth/**`, `**/Security/**`)
- Environment files (`*.env*`)
- Credentials and keys (`*.pem`, `*.key`, `*secret*`)
High (Review Recommended)
- Build scripts (`build/**/*.ps1`, `scripts/**/*.sh`)
- Container configs (`Dockerfile*`, `docker-compose*`)
- API controllers (`**/Controllers/**`)
- App configuration (`appsettings*.json`)
- Infrastructure as Code (`*.tf`, `*.tfvars`, `*.bicep`)
Integration
Pre-commit Hook
Add to .githooks/pre-commit (Git only runs hooks from .git/hooks by default, so the repository must be configured with `git config core.hooksPath .githooks` for this file to fire):
# Security detection (non-blocking warning). POSIX redirections are used so the
# hook also works when Git runs it under /bin/sh rather than bash.
if command -v python3 >/dev/null 2>&1; then
python3 .claude/skills/security-detection/detect_infrastructure.py --git-staged
elif command -v pwsh >/dev/null 2>&1; then
pwsh -File .claude/skills/security-detection/detect-infrastructure.ps1 -UseGitStaged
fi
CI Integration
After a normal CI checkout the index is clean, so `--git-staged` reports nothing; pass the changed paths explicitly instead, using the positional-argument form shown under Usage. The step below assumes a GitHub Actions job triggered on pull_request and a checkout with enough history (`fetch-depth: 0`) for the base branch to be diffed against:
- name: Check security-critical files
  run: |
    git fetch origin "${{ github.base_ref }}"
    python .claude/skills/security-detection/detect_infrastructure.py $(git diff --name-only "origin/${{ github.base_ref }}...HEAD")
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Success (warning shown if matches found, non-blocking) |
The scripts are designed to be non-blocking warnings: they always exit 0 so that a finding never blocks a commit or a CI job. The warning is informational only, which also means a CI step that runs them passes regardless of what is found; if you need a hard gate, inspect the output in the calling step (for example, fail the step when a `[CRITICAL]` line is present) rather than relying on the exit code.
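As an added worked example (not the project's own detect_infrastructure.py or detect-infrastructure.ps1), the following Python re-implements the classification described under Detected Patterns together with the non-blocking exit policy of this section, and adds an optional strict mode that the real scripts do not document. The glob semantics (`**` crossing directory boundaries, basename matching for patterns that contain no `/`), case-sensitive matching, the HIGH-only header wording and the sample file list are all assumptions made here.

```python
"""Added example (not the project's detect_infrastructure.py): a minimal
classifier for the pattern lists documented above, plus the report format
and the exit-code policy. Glob semantics, case-sensitivity and the strict
flag are assumptions made here, not documented behaviour of the real scripts."""
import re
import sys
from functools import lru_cache

# Pattern lists copied from the "Detected Patterns" section. CRITICAL is
# checked before HIGH and the first matching pattern wins.
CRITICAL_PATTERNS = [
    ".github/workflows/*",
    ".githooks/*", ".husky/*",
    "**/Auth/**", "**/Security/**",
    "*.env*",
    "*.pem", "*.key", "*secret*",
]
HIGH_PATTERNS = [
    "build/**/*.ps1", "scripts/**/*.sh",
    "Dockerfile*", "docker-compose*",
    "**/Controllers/**",
    "appsettings*.json",
    "*.tf", "*.tfvars", "*.bicep",
]


@lru_cache(maxsize=None)
def glob_to_regex(pattern: str):
    """Translate a gitignore-style glob into a case-sensitive regex.

    Assumed semantics: '**' may span directory separators, '*' and '?' may not.
    """
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):      # zero or more leading directories
            out.append("(?:.*/)?")
            i += 3
        elif pattern.startswith("**", i):     # anything, including separators
            out.append(".*")
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")
            i += 1
        elif pattern[i] == "?":
            out.append("[^/]")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(out))


def classify(path: str):
    """Return (level, matching_pattern) for a repo-relative path, or None.

    Patterns containing '/' are anchored at the repository root; patterns
    without one (e.g. '*.pem', '*secret*') are matched against the basename,
    so they fire at any depth.
    """
    path = path.replace("\\", "/")
    if path.startswith("./"):
        path = path[2:]
    basename = path.rsplit("/", 1)[-1]
    for level, patterns in (("CRITICAL", CRITICAL_PATTERNS), ("HIGH", HIGH_PATTERNS)):
        for pat in patterns:
            target = path if "/" in pat else basename
            if glob_to_regex(pat).fullmatch(target):
                return level, pat
    return None


def detect(paths):
    """Classify changed files; returns [(level, path, pattern), ...] in input order."""
    findings = []
    for p in paths:
        hit = classify(p)
        if hit:
            findings.append((hit[0], p, hit[1]))
    return findings


def render_report(findings) -> str:
    """Reproduce the text format shown in the Output section."""
    if not findings:
        return "No infrastructure/security files detected."
    worst = "CRITICAL" if any(f[0] == "CRITICAL" for f in findings) else "HIGH"
    lines = ["=== Security Review Detection ==="]
    # The HIGH-only header wording is an assumption; the page only shows the CRITICAL case.
    lines.append("CRITICAL: Security agent review REQUIRED" if worst == "CRITICAL"
                 else "HIGH: Security agent review RECOMMENDED")
    lines.append("Matching files:")
    lines += [f"  [{level}] {path}" for level, path, _ in findings]
    lines.append("Run security agent before implementation:")
    lines.append('  Task(subagent_type="security", prompt="Review infrastructure changes")')
    return "\n".join(lines)


def exit_code(findings, strict: bool = False) -> int:
    """Documented behaviour: always 0 (non-blocking). The strict mode that
    fails on any CRITICAL finding is an addition for callers wanting a hard gate."""
    if strict and any(level == "CRITICAL" for level, _, _ in findings):
        return 1
    return 0


# Constructed sample input (not taken from a real repository).
SAMPLE_CHANGED_FILES = [
    ".github/workflows/deploy.yml",       # CRITICAL: CI/CD workflow
    "src/Controllers/AuthController.cs",  # HIGH: controller, no Auth/ directory in the path
    "src/Auth/Login.cs",                  # CRITICAL: authentication code
    "config/.env.example",                # CRITICAL: '*.env*' also catches templates
    "deploy/main.tf",                     # HIGH: infrastructure as code
    "README.md",                          # no match
    "docs/secrets-policy.md",             # CRITICAL: '*secret*' is broad by design
]

if __name__ == "__main__":
    args = [a for a in sys.argv[1:] if a != "--strict"]
    results = detect(args or SAMPLE_CHANGED_FILES)
    print(render_report(results))
    sys.exit(exit_code(results, strict="--strict" in sys.argv))
```

Run with no arguments to classify the constructed sample list. Note how `*.env*` also flags the `.env.example` template and `*secret*` flags a policy document: because the real scripts never block, that breadth only costs a warning, but any strict gate built on top of them should expect such false positives and budget for triage.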
Customization
Edit the pattern lists in either script to add or modify detection patterns:
- `CRITICAL_PATTERNS` / `$CriticalPatterns`: review required
- `HIGH_PATTERNS` / `$HighPatterns`: review recommended
Related Documents
Score
Total Score
60/100
Based on repository quality metrics
| Check | Criterion | Points |
|---|---|---|
| ✓ SKILL.md | A SKILL.md file is included | +20 |
| ✓ LICENSE | A license is set | +10 |
| ○ Description | Description of 100 or more characters | 0/10 |
| ○ Popularity | 100 or more GitHub stars | 0/15 |
| ✓ Recent activity | Updated within the last month | +10 |
| ○ Forks | Forked 10 or more times | 0/5 |
| ○ Issue management | Fewer than 50 open issues | 0/5 |
| ✓ Language | A programming language is set | +5 |
| ✓ Tags | At least one tag is set | +5 |

