Expert in application security, OWASP Top 10, authentication, authorization, data protection, and se
from Eyadkelleh/awesome-claude-skills-security
Security review guidance for agent configs, MCP and filesystem exposure, red-team scenarios, and audit prompts.
from ccplugins/awesome-claude-code-plugins
PreToolUse security reminder hook for Claude Code. Catches 12 common security anti-patterns in Edit/Write/MultiEdit operations BEFORE they happen: command injection (exec, os.system, subprocess shell=True), XSS (innerHTML, dangerouslySetInnerHTML, document.write), SQL injection (f-string queries, .format), unsafe deserialization (pickle, yaml.unsafe_load), code injection (eval, new Function), and GitHub Actions workflow injection. Session-state caching prevents duplicate warnings; 30-day auto-cleanup. Disable per-session with ENABLE_SECURITY_REMINDER=0. Ported from David Dworken at Anthropic.
from DennisLiuCk/claude-plugin-marketplace
Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.
Security reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns
Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
from EngineerWithAI/engineerwith-agents
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
Commands that fix Dependabot security alerts in GitHub repositories
SeekDB skill bundle: install/deploy, build-from-source, documentation lookup, seekdb-cli, data import (CSV/Excel), and query/export (scalar + hybrid search)
Public engineering-discipline skills (process-aware-done, iac-not-ad-hoc, yield-on-wait, technical-integrity, terraform-module-layout, grounded-generation, using-laneq, and more) plus four MCP servers (laneq, reddit, dispatch, memory).