scanning-database-security
关于
This skill enables Claude to perform automated security scans on PostgreSQL and MySQL databases when users request vulnerability assessments. It identifies issues like weak passwords and SQL injection risks using OWASP guidelines and provides remediation suggestions. Use it for tasks like checking database security posture or performing OWASP compliance checks.
快速安装
Claude Code
推荐/plugin add https://github.com/jeremylongshore/claude-code-plugins-plusgit clone https://github.com/jeremylongshore/claude-code-plugins-plus.git ~/.claude/skills/scanning-database-security在 Claude Code 中复制并粘贴此命令以安装该技能
技能文档
Overview
This skill empowers Claude to automatically assess the security of databases by utilizing the database-security-scanner plugin. It identifies vulnerabilities, provides OWASP compliance reports, and suggests remediation steps to improve the database's security posture.
How It Works
- Initiate Scan: The user's request triggers the database-security-scanner plugin.
- Vulnerability Assessment: The plugin scans the specified database for common vulnerabilities, including weak passwords, SQL injection risks, and insecure configurations.
- Report Generation: The plugin generates a detailed report outlining identified vulnerabilities and OWASP compliance status.
- Remediation Suggestions: The plugin provides actionable recommendations and, where possible, automated remediation scripts to address identified vulnerabilities.
When to Use This Skill
This skill activates when you need to:
- Assess the security posture of a database.
- Identify potential vulnerabilities in a database configuration.
- Ensure a database complies with OWASP security guidelines.
Examples
Example 1: Assessing PostgreSQL Security
User request: "Scan the PostgreSQL database for security vulnerabilities and generate a report."
The skill will:
- Activate the database-security-scanner plugin.
- Scan the PostgreSQL database for vulnerabilities.
- Generate a report detailing the findings and remediation recommendations.
Example 2: Checking MySQL for OWASP Compliance
User request: "Perform an OWASP compliance check on the MySQL database."
The skill will:
- Activate the database-security-scanner plugin.
- Scan the MySQL database for OWASP compliance.
- Generate a report outlining any compliance violations and suggested fixes.
Best Practices
- Database Access: Ensure Claude has the necessary credentials and permissions to access the database being scanned.
- Regular Scans: Schedule regular security scans to continuously monitor the database for new vulnerabilities.
- Remediation: Implement the suggested remediation steps to address identified vulnerabilities promptly.
Integration
This skill can be used in conjunction with other database management and security plugins to create a comprehensive database security workflow. For instance, it can be integrated with a plugin that automatically applies security patches based on the scanner's recommendations.
GitHub 仓库
相关推荐技能
content-collections
元Content Collections 是一个 TypeScript 优先的构建工具,可将本地 Markdown/MDX 文件转换为类型安全的数据集合。它专为构建博客、文档站和内容密集型 Vite+React 应用而设计,提供基于 Zod 的自动模式验证。该工具涵盖从 Vite 插件配置、MDX 编译到生产环境部署的完整工作流。
creating-opencode-plugins
元该Skill为开发者创建OpenCode插件提供指导,涵盖命令、文件、LSP等25+种事件类型。它详细说明了插件结构、事件API规范及JavaScript/TypeScript实现模式,帮助开发者构建事件驱动的模块。适用于需要拦截操作、扩展功能或自定义AI助手行为的插件开发场景。
sglang
元SGLang是一个专为LLM设计的高性能推理框架,特别适用于需要结构化输出的场景。它通过RadixAttention前缀缓存技术,在处理JSON、正则表达式、工具调用等具有重复前缀的复杂工作流时,能实现极速生成。如果你正在构建智能体或多轮对话系统,并追求远超vLLM的推理性能,SGLang是理想选择。
evaluating-llms-harness
测试该Skill通过60+个学术基准测试(如MMLU、GSM8K等)评估大语言模型质量,适用于模型对比、学术研究及训练进度追踪。它支持HuggingFace、vLLM和API接口,被EleutherAI等行业领先机构广泛采用。开发者可通过简单命令行快速对模型进行多任务批量评估。