Summary
Scans your Python code for common security issues like SQL injection, unsafe deserialization, and hardcoded secrets. Best used in CI pipelines or when you're auditing a legacy codebase before refactoring. Everything runs locally, so your code never leaves your machine. It expects standard Python project files like requirements.txt or pyproject.toml, and may choke on unusual project structures or very old Python versions. Not a replacement for proper security review, but catches the obvious stuff before it becomes a problem. Honestly, this is the kind of check you should be running automatically anyway.
Install to Claude Code
npx -y skills add jorgealves/agent_skills --skill python-security-scanner --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Python Security Scanner
Purpose and Intent
Detect common Python vulnerabilities such as SQL injection, unsafe deserialization, and hardcoded secrets. Use as part of a secure SDLC for Python projects.
When to Use
- Project Setup: When initializing a new Python project.
- Continuous Integration: As part of automated build and test pipelines.
- Legacy Refactoring: When updating older Python codebases to modern standards.
When NOT to Use
- Non-Python Projects: This tool is specialized for the Python ecosystem.
Error Conditions and Edge Cases
- Missing Requirements: If the project lacks a requirements.txt or pyproject.toml.
- Incompatible Versions: If the project uses a Python version not supported by the tools.
Security and Data-Handling Considerations
- All analysis is performed locally.
- No source code or credentials are ever transmitted externally.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
