sast-horusec
关于
This skill performs multi-language static application security testing (SAST) using Horusec, scanning for vulnerabilities across 18+ languages and detecting secrets in git history. It integrates into CI/CD pipelines to provide prioritized security findings with severity classification. Use it for comprehensive security analysis during development and to maintain a secure SDLC.
快速安装
Claude Code
推荐npx skills add aiskillstore/marketplace -a claude-code/plugin add https://github.com/aiskillstore/marketplacegit clone https://github.com/aiskillstore/marketplace.git ~/.claude/skills/sast-horusec在 Claude Code 中复制并粘贴此命令以安装该技能
GitHub 仓库
Frequently asked questions
What is the sast-horusec skill?
sast-horusec is a Claude Skill by aiskillstore. Skills package instructions and resources that Claude loads on demand, so Claude can perform sast-horusec-related tasks without extra prompting.
How do I install sast-horusec?
Use the install commands on this page: add sast-horusec to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does sast-horusec belong to?
sast-horusec is in the secsdlc category, tagged sast, horusec, vulnerability-scanning, multi-language, secrets-detection and static-analysis.
Is sast-horusec free to use?
Yes. sast-horusec is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
相关推荐技能
reviewdog Skill 自动化集成多种代码安全与质量工具(如SAST、linter)到CI/CD流程中,并将发现的问题统一汇总为PR上的代码评审评论。它主要用于在代码审查工作流中强制执行安全编码标准,并为开发者提供内联的安全问题标注。此工具能帮助团队在开发早期发现并修复问题,提升代码安全性与质量。
sbom-syft Skill 使用 Syft 工具为容器镜像、文件系统和归档文件生成软件物料清单(SBOM),支持 28 种以上生态系统的包检测和多种输出格式。它主要用于依赖项漏洞扫描、许可证合规性检查以及增强软件供应链安全。开发者可以将其集成到 CI/CD 流程中,以自动化生成 SBOM 甚至创建签名的 SBOM 证明。
Content Collections 是一个 TypeScript 优先的构建工具,可将本地 Markdown/MDX 文件转换为类型安全的数据集合。它专为构建博客、文档站和内容密集型 Vite+React 应用而设计,提供基于 Zod 的自动模式验证。该工具涵盖从 Vite 插件配置、MDX 编译到生产环境部署的完整工作流。
这个Claude Skill为开发者提供完整的Polymarket预测市场开发支持,涵盖API调用、交易执行和市场数据分析。关键特性包括实时WebSocket数据流,可监控实时交易、订单和市场动态。开发者可用它构建预测市场应用、实施交易策略并集成实时市场预测功能。
