Summary
Covers the basics of automated security scanning with Trivy, Snyk, and npm audit across dependencies, containers, and code. You get working examples for local scans, a GitHub Actions workflow that fails on high/critical findings, and quick snippets for Python's Bandit and Safety tools. The CI/CD integration is the real value here since it shows how to actually gate deployments on security issues. Missing some depth on handling false positives and vulnerability triage, but it's a solid starting point if you need to add security scanning to a pipeline and don't want to figure out all the CLI flags yourself.
Install to Claude Code
npx -y skills add secondsky/claude-skills --skill vulnerability-scanning --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
