Agentsecops Secopsagentkit
SecOpsAgentKit is a Claude Code plugin for the Ship phase that equips your agent with 25+ DevSecOps skills to scan for vulnerabilities, secrets, and policy violations while you code.
by AgentSecOps · github.com/AgentSecOps/SecOpsAgentKit
Install when you want Claude Code to run DevSecOps checks—vulnerability scans, secret detection, container hardening, and policy-as-code—without bolting on separate security tools for every repo.
Add it to Claude Code
Install the plugin in Claude Code. One command, paste-ready.
/plugin install agentsecops-secopsagentkit@AgentSecOps/SecOpsAgentKitBuilt to be called by your agent
Skillselion is itself an MCP server. Your agent can pull this entry and a paste-ready install config straight from the API - no copy-paste.
Retrieve this entry with skillselion.get_details("plugin:AgentSecOps/SecOpsAgentKit") and the paste-ready config with skillselion.get_install_config("plugin:AgentSecOps/SecOpsAgentKit").
What it does
SecOpsAgentKit is an AgentSecOps Claude Code plugin bundle aimed at solo builders and small teams who ship with AI coding agents but cannot afford a full security org. It packages more than twenty-five skills across seven plugins so Claude can catch vulnerabilities early, scan containers, hunt secrets in repos, model threats with STRIDE, apply Sigma-style detection thinking, and tie findings to compliance frameworks like HIPAA and PCI-DSS. Use it when you are hardening a SaaS API, tightening a CI pipeline, or reviewing code before launch—not as a replacement for professional penetration tests, but as continuous agent-driven guardrails. The toolkit emphasizes DevSecOps automation, policy-as-code enforcement, secure software lifecycle rituals, and incident-oriented response patterns so security work stays in the same session as implementation. Repository momentum is modest but focused; treat outputs as signals to verify, not automatic pass/fail unless you wire real scanners and policies behind the skills.
Highlights
- Bundle of 7 Claude Code plugins packaging 25+ security-oriented agent skills
- Coverage spans AppSec, container scanning, secret detection, Sigma rules, STRIDE threat modeling, and policy enforcement
- DevSecOps and SecSDLc workflows: reconnaissance, penetration testing patterns, vulnerability assessment, and secure revi
- Compliance and standards hooks for HIPAA, PCI-DSS, and policy-as-code automation
- Offensive-security and defensive-hunting skills for validation plus engineering feedback loops
Why builders use it
AI agents ship features fast but rarely run consistent security reviews, container checks, or compliance-aware threat modeling unless you manually prompt for them every time.
After you register the bundle, Claude can invoke structured security skills in-line—surfacing risks, suggesting remediations, and aligning work with policy and compliance checklists before you merge or deploy.
At a glance
- Type - Plugin in Security.
- Adoption - 0 installs, 93 stars, 0 votes.
FAQ
Who is SecOpsAgentKit for?
Solo and indie developers using Claude Code who own security themselves and want agent-native scanning, review, and compliance-oriented workflows without a dedicated SecOps team.
When should I use SecOpsAgentKit?
Use it before merging risky changes, when onboarding a new repo, before container deploys, or whenever you need STRIDE threat models, secret checks, or policy-as-code guidance in the same coding session.
How do I add SecOpsAgentKit to my agent?
Install or register the AgentSecOps/SecOpsAgentKit Claude Code plugin from the catalog, enable its seven bundled plugins in your Claude Code configuration, then invoke security skills by name or let the agent suggest them during ship and review tasks.
Comments
Share how you use agentsecops-secopsagentkit, gotchas, or tips for other indie builders.
No comments yet - be the first to share how you use it.