
Security Scan
Audit a Claude Code `.claude/` tree for misconfigurations, injection risk, and secret leakage before you ship or share a repo.
Overview
Security Scan is an agent skill most often used in Ship (also Build agent-tooling, Operate iterate) that audits Claude Code configuration with AgentShield for secrets, injection risk, and dangerous permissions.
Install
npx skills add https://github.com/affaan-m/everything-claude-code --skill security-scan
What is this skill?
- Scans CLAUDE.md, settings.json, mcp.json, hooks/, and agents/*.md with documented check categories per file type
- Flags hardcoded secrets, prompt-injection patterns, permissive allow lists, and risky MCP/npx supply-chain setups
- Hooks audit covers command injection via interpolation, exfiltration paths, and silent error suppression
- Runs via `npx ecc-agentshield scan` or global `ecc-agentshield` after optional npm install
- Recommended on new projects, after config edits, before committing configs, and for periodic hygiene
- 5 configuration surfaces scanned: CLAUDE.md, settings.json, mcp.json, hooks/, agents/*.md
Adoption & trust: 5.3k installs on skills.sh; 210k GitHub stars; 1/3 security scanners passed (skills.sh audits).
What problem does it solve?
You extended Claude Code with MCP servers, hooks, and custom agents but cannot tell if settings leak secrets or grant unsafe tool access.
Who is it for?
Solo builders maintaining `.claude/` configs who want a repeatable audit before sharing repos or enabling powerful hooks and MCP tools.
Skip if: Teams auditing application source code or cloud IAM—this skill targets Claude Code project configuration, not your app runtime stack.
When should I use this skill?
Setting up a new Claude Code project, after modifying CLAUDE.md or MCP configs, before committing configuration changes, onboarding to repos with existing configs, or periodic security hygiene checks.
What do I get? / Deliverables
You get a structured AgentShield scan across core config files so you can fix misconfigurations before commit or wider rollout.
- AgentShield scan report with findings across CLAUDE.md, settings, MCP, hooks, and agents
- Actionable remediation list for secrets, permissions, and injection risks
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Security review of agent configuration is the canonical pre-ship gate before commits and production use. AgentShield-style scans map directly to appsec hygiene for CLAUDE.md, MCP, hooks, and agent definitions.
Where it fits
After wiring new MCP servers and custom agents, run a scan before teammates clone the repo.
Gate a PR that touches `.claude/settings.json` or hook scripts with an AgentShield pass.
Re-scan quarterly when dependency-based MCP entries or npx invocations change.
How it compares
Use as a dedicated config checker for the agent workspace, not as a general SAST scanner for application repositories.
Common Questions / FAQ
Who is security-scan for?
Indie and solo developers using Claude Code who own CLAUDE.md, settings.json, MCP configs, hooks, and agent markdown in their repos.
When should I use security-scan?
On new Claude Code projects, after changing settings or MCP definitions, before committing configuration changes, when joining a repo with existing `.claude/` files, and during periodic hygiene in Ship security and Operate iterate.
Is security-scan safe to install?
It invokes AgentShield via npm/npx to read local config; review the Security Audits panel on this Prism page and vet third-party scan tooling before running in sensitive environments.
SKILL.md - Security Scan
# Security Scan Skill

Audit your Claude Code configuration for security issues using [AgentShield](https://github.com/affaan-m/agentshield).

## When to Activate

- Setting up a new Claude Code project
- After modifying `.claude/settings.json`, `CLAUDE.md`, or MCP configs
- Before committing configuration changes
- When onboarding to a new repository with existing Claude Code configs
- Periodic security hygiene checks

## What It Scans

| File | Checks |
|------|--------|
| `CLAUDE.md` | Hardcoded secrets, auto-run instructions, prompt injection patterns |
| `settings.json` | Overly permissive allow lists, missing deny lists, dangerous bypass flags |
| `mcp.json` | Risky MCP servers, hardcoded env secrets, npx supply chain risks |
| `hooks/` | Command injection via interpolation, data exfiltration, silent error suppression |
| `agents/*.md` | Unrestricted tool access, prompt injection surface, missing model specs |

## Prerequisites

AgentShield must be installed. Check and install if needed:

```bash
# Check if installed
npx ecc-agentshield --version

# Install globally (recommended)
npm install -g ecc-agentshield

# Or run directly via npx (no install needed)
npx ecc-agentshield scan .
```

## Usage

### Basic Scan

Run against the current project's `.claude/` directory:

```bash
# Scan current project
npx ecc-agentshield scan

# Scan a specific path
npx ecc-agentshield scan --path /path/to/.claude

# Scan with minimum severity filter
npx ecc-agentshield scan --min-severity medium
```

### Output Formats

```bash
# Terminal output (default) — colored report with grade
npx ecc-agentshield scan

# JSON — for CI/CD integration
npx ecc-agentshield scan --format json

# Markdown — for documentation
npx ecc-agentshield scan --format markdown

# HTML — self-contained dark-theme report
npx ecc-agentshield scan --format html > security-report.html
```

### Auto-Fix

Apply safe fixes automatically (only fixes marked as auto-fixable):

```bash
npx ecc-agentshield scan --fix
```

This will:

- Replace hardcoded secrets with environment variable references
- Tighten wildcard permissions to scoped alternatives
- Never modify manual-only suggestions

### Opus 4.6 Deep Analysis

Run the adversarial three-agent pipeline for deeper analysis:

```bash
# Requires ANTHROPIC_API_KEY
export ANTHROPIC_API_KEY=your-key
npx ecc-agentshield scan --opus --stream
```

This runs:

1. **Attacker (Red Team)** — finds attack vectors
2. **Defender (Blue Team)** — recommends hardening
3. **Auditor (Final Verdict)** — synthesizes both perspectives

### Initialize Secure Config

Scaffold a new secure `.claude/` configuration from scratch:

```bash
npx ecc-agentshield init
```

Creates:

- `settings.json` with scoped permissions and deny list
- `CLAUDE.md` with security best practices
- `mcp.json` placeholder

### GitHub Action

Add to your CI pipeline:

```yaml
- uses: affaan-m/agentshield@v1
  with:
    path: '.'
    min-severity: 'medium'
    fail-on-findings: true
```

## Severity Levels

| Grade | Score | Meaning |
|-------|-------|---------|
| A | 90-100 | Secure configuration |
| B | 75-89 | Minor issues |
| C | 60-74 | Needs attention |
| D | 40-59 | Significant risks |
| F | 0-39 | Critical vulnerabilities |

## Interpreting Results

### Critical Findings (fix immediately)

- Hardcoded API keys or tokens in config files
- `Bash(*)` in the allow list (unrestricted shell access)
- Command injection in hooks via `${file}` interpolation
- Shell-running MCP servers

### High Findings (fix before production)

- Auto-run instructions in CLAUDE.md (prompt injection vector)
- Missing deny lists in permissions
- Agents with unnecessary Bash access

### Medium Findings (recommended)

- Silent error
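The check classes from the What It Scans table and the Interpreting Results section, as an added JavaScript example that is not AgentShield's or the skill's own code: it runs a handful of those checks over a constructed `settings.json` object and a constructed hook command, then grades the result with the page's score bands. The secret regex, the per-severity score weights, and all sample values are this example's assumptions.

```javascript
// Added example, not AgentShield's code. Severities follow the page's
// "Interpreting Results"; WEIGHTS and SECRET_RE are this example's assumptions,
// the grade bands are copied from the page's Severity Levels table.
const SECRET_RE = /\b(sk-[A-Za-z0-9]{20,}|ghp_[A-Za-z0-9]{30,}|AKIA[0-9A-Z]{16})\b/;
const WEIGHTS = { critical: 25, high: 15, medium: 5 };

// Checks for a parsed .claude/settings.json object.
function scanSettings(settings) {
  const out = [];
  const perms = settings.permissions || {};
  if ((perms.allow || []).includes("Bash(*)"))
    out.push({ severity: "critical", msg: "Bash(*) in allow list: unrestricted shell access" });
  if (!Array.isArray(perms.deny) || perms.deny.length === 0)
    out.push({ severity: "high", msg: "permissions.deny is missing or empty" });
  for (const [k, v] of Object.entries(settings.env || {}))
    if (typeof v === "string" && SECRET_RE.test(v))
      out.push({ severity: "critical", msg: `hardcoded secret in env.${k}; reference an env var instead` });
  return out;
}

// Checks for a single hook command line.
function scanHookCommand(cmd) {
  const out = [];
  if (/\$\{\w+\}/.test(cmd)) // ${file}-style interpolation lands unescaped in a shell line
    out.push({ severity: "critical", msg: "command injection via interpolation in hook" });
  if (/2>\s*\/dev\/null|\|\|\s*true\b/.test(cmd))
    out.push({ severity: "medium", msg: "silent error suppression hides hook failures" });
  return out;
}

// Score starts at 100, loses WEIGHTS[severity] per finding, maps to the page's bands.
function grade(findings) {
  const score = Math.max(0, findings.reduce((s, f) => s - WEIGHTS[f.severity], 100));
  const letter = score >= 90 ? "A" : score >= 75 ? "B" : score >= 60 ? "C" : score >= 40 ? "D" : "F";
  return { score, grade: letter };
}

// Constructed sample config (not a real project): every value is a placeholder.
const SAMPLE_SETTINGS = {
  permissions: { allow: ["Bash(*)", "Read(src/**)"] },   // no deny list at all
  env: { OPENAI_API_KEY: "sk-" + "A".repeat(40) },       // placeholder secret value
};
const SAMPLE_HOOK = "npx prettier --write ${file} 2>/dev/null || true";

function scanSample() {
  const findings = [...scanSettings(SAMPLE_SETTINGS), ...scanHookCommand(SAMPLE_HOOK)];
  return { findings, ...grade(findings) };
}
```

Call `scanSample()` to get the findings list plus score and grade for the embedded sample; the same functions work on any parsed settings object or hook string.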