SKILL·42D29A

sast-horusec

aiskillstore
更新于 1 month ago
19 次查看
162
7
162
在 GitHub 上查看
其他sasthorusecvulnerability-scanningmulti-languagesecrets-detectionstatic-analysissecure-sdlc

关于

This skill performs multi-language static application security testing (SAST) using Horusec, scanning for vulnerabilities across 18+ languages and detecting secrets in git history. It integrates into CI/CD pipelines to provide prioritized security findings with severity classification. Use it for comprehensive security analysis during development and to maintain a secure SDLC.

快速安装

Claude Code

推荐
主要方式
npx skills add aiskillstore/marketplace -a claude-code
插件命令备选方式
/plugin add https://github.com/aiskillstore/marketplace
Git 克隆备选方式
git clone https://github.com/aiskillstore/marketplace.git ~/.claude/skills/sast-horusec

在 Claude Code 中复制并粘贴此命令以安装该技能

GitHub 仓库

aiskillstore/marketplace
路径: skills/agentsecops/sast-horusec
0
ai-skillsclaudeclaude-codeclaude-skillscodexcodex-skills
FAQ

Frequently asked questions

What is the sast-horusec skill?

sast-horusec is a Claude Skill by aiskillstore. Skills package instructions and resources that Claude loads on demand, so Claude can perform sast-horusec-related tasks without extra prompting.

How do I install sast-horusec?

Use the install commands on this page: add sast-horusec to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.

What category does sast-horusec belong to?

sast-horusec is in the secsdlc category, tagged sast, horusec, vulnerability-scanning, multi-language, secrets-detection and static-analysis.

Is sast-horusec free to use?

Yes. sast-horusec is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.

相关推荐技能

reviewdog
其他

reviewdog Skill 自动化集成多种代码安全与质量工具(如SAST、linter)到CI/CD流程中,并将发现的问题统一汇总为PR上的代码评审评论。它主要用于在代码审查工作流中强制执行安全编码标准,并为开发者提供内联的安全问题标注。此工具能帮助团队在开发早期发现并修复问题,提升代码安全性与质量。

查看技能
sbom-syft
其他

sbom-syft Skill 使用 Syft 工具为容器镜像、文件系统和归档文件生成软件物料清单(SBOM),支持 28 种以上生态系统的包检测和多种输出格式。它主要用于依赖项漏洞扫描、许可证合规性检查以及增强软件供应链安全。开发者可以将其集成到 CI/CD 流程中,以自动化生成 SBOM 甚至创建签名的 SBOM 证明。

查看技能
content-collections

Content Collections 是一个 TypeScript 优先的构建工具,可将本地 Markdown/MDX 文件转换为类型安全的数据集合。它专为构建博客、文档站和内容密集型 Vite+React 应用而设计,提供基于 Zod 的自动模式验证。该工具涵盖从 Vite 插件配置、MDX 编译到生产环境部署的完整工作流。

查看技能
polymarket

这个Claude Skill为开发者提供完整的Polymarket预测市场开发支持,涵盖API调用、交易执行和市场数据分析。关键特性包括实时WebSocket数据流,可监控实时交易、订单和市场动态。开发者可用它构建预测市场应用、实施交易策略并集成实时市场预测功能。

查看技能