Security skills for Claude Code. Install them once and ask Claude, in plain language, to scan a repo for leaked secrets, review Python code, red-team an LLM for prompt injection, or audit HTTP headers, JWTs, Dockerfiles, CORS, and dependencies. Claude picks the right skill, runs it, and explains what it found.
Everything here runs on the Python standard library — no packages to install, nothing phoning home. The analysis runs offline; only the few skills that need to hit a URL use the network, and only when you ask them to.
Other languages: Español · Русский
| Skill | What it does | Engine |
|---|---|---|
| secret-scanner | Finds hardcoded API keys, tokens and private keys using vendor patterns plus Shannon-entropy analysis, tuned for few false positives | Custom entropy engine |
| sast-lite | AST-based static analysis for Python: command injection, eval/exec, insecure deserialization, SQLi, weak crypto, disabled TLS — each tagged with a CWE | Python ast walker |
| prompt-injection-tester | Red-teams your own LLM app with a categorized payload library and canary detection, then scores resilience 0–100 | Canary harness |
| http-sec-audit | Checks HTTP security headers and cookie flags (CSP, HSTS, SameSite, …) and gives concrete fixes | urllib + pure core |
| jwt-inspector | Decodes and audits JWTs (alg=none, weak expiry, claim hygiene) and cracks weak HMAC secrets offline | HMAC + checks |
| dependency-check | Flags known-vulnerable and unpinned deps in requirements.txt, package.json and pyproject.toml; offline DB plus optional OSV.dev | Version matcher |
| dockerfile-scan | Catches insecure Dockerfile patterns: running as root, :latest base images, `curl \| sh`, remote ADD, baked-in secrets | Dockerfile parser |
| cors-auditor | Audits CORS config for wildcard-with-credentials, reflected origins, null origin and overly broad methods | Header analyzer |
Each skill is self-contained, has its own tests, and exits non-zero when it finds something — so it also works as a CI step.
Copy the skills into your project's .claude/skills/ directory:

```bash
git clone https://github.com/NovaCode37/claude-security-skills.git
cp -r claude-security-skills/skills/* .claude/skills/
```

Or into ~/.claude/skills/ to have them in every project. Restart Claude Code and it discovers them from each SKILL.md. There's nothing else to install.
Just ask Claude. For example:
| You say | Claude runs |
|---|---|
| "Any secrets committed in here?" | secret-scanner |
| "Security-review this Python file." | sast-lite |
| "Is my AI assistant jailbreakable?" | prompt-injection-tester |
| "Check example.com's security headers." | http-sec-audit |
| "Decode and audit this JWT." | jwt-inspector |
| "Are my dependencies vulnerable?" | dependency-check |
| "Review my Dockerfile." | dockerfile-scan |
| "Is my API's CORS safe?" | cors-auditor |
Every engine also runs on its own from the command line:
```bash
python skills/secret-scanner/engine.py . --json
python skills/sast-lite/analyzer.py src/ --min-severity high
python skills/prompt-injection-tester/attacker.py --demo
python skills/http-sec-audit/audit.py https://example.com
python skills/jwt-inspector/inspector.py "<token>"
python skills/dependency-check/checker.py requirements.txt
python skills/dockerfile-scan/scanner.py Dockerfile
python skills/cors-auditor/auditor.py https://api.example.com
```

Here's what a run looks like:
```
$ python skills/secret-scanner/engine.py .
[secret-scanner] 2 potential secret(s) found:
CRITICAL src/config.py:14:18
Stripe secret key [stripe-secret] value=sk_l...k1L2 (len=32)
HIGH src/config.py:12:11
AWS Access Key ID [aws-access-key-id] value=AKIA...MPLE (len=20)
Summary: critical=1, high=1
```

```bash
pip install pytest
pytest skills/ -q
```

158 tests, all offline, run in under a second.
- No runtime dependencies. Pure Python 3.9+ stdlib, so the skills run in locked-down CI and are easy to read and audit.
- Offline by default. The analysis logic takes data in and returns findings; network access is optional and explicit.
- Few false positives. Entropy thresholds, keyword anchoring and placeholder allowlists keep the noise down.
- CI-friendly. Consistent exit codes (`0` clean, `1` findings, `2` error) and `--json` on every skill.
- Safe by default. Secrets are redacted in output, and the offensive skills are meant for systems you own or are allowed to test.
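
The false-positive controls named in the list above (entropy threshold, keyword anchoring, placeholder allowlist) together with redacted output, as an added example; this is not the project's engine.py. The threshold, minimum length, keyword and placeholder lists, and the assignment regex are assumptions chosen for illustration, and the redaction mirrors the first-four/last-four format in the sample run.

```python
import math
import re
from collections import Counter

# Assumed values for illustration; the project's real settings are not shown on the page.
ENTROPY_THRESHOLD = 3.5   # bits per character
MIN_LENGTH = 16
KEYWORDS = ("key", "secret", "token", "password", "passwd")
PLACEHOLDERS = ("example", "changeme", "your_", "xxxx", "placeholder", "dummy")
# Matches name = "value" or name: 'value'; the name side is used for keyword anchoring.
ASSIGNMENT = re.compile(r"""([A-Za-z_][A-Za-z0-9_]*)\s*[:=]\s*["']([^"']+)["']""")


def shannon_entropy(s: str) -> float:
    """Shannon entropy of s in bits per character (0 for an empty string)."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def redact(value: str) -> str:
    """Show only the first and last four characters plus the length."""
    return f"{value[:4]}...{value[-4:]} (len={len(value)})"


def scan(text: str):
    """Return (line, column, name, redacted_value) for each likely secret."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in ASSIGNMENT.finditer(line):
            name, value = m.group(1), m.group(2)
            if not any(k in name.lower() for k in KEYWORDS):
                continue  # keyword anchoring: the variable name must look sensitive
            if len(value) < MIN_LENGTH:
                continue  # too short to be a credential worth reporting
            if any(p in value.lower() for p in PLACEHOLDERS):
                continue  # placeholder allowlist: documentation-style dummy values
            if shannon_entropy(value) < ENTROPY_THRESHOLD:
                continue  # entropy threshold: repetitive or word-like strings
            findings.append((line_no, m.start(2) + 1, name, redact(value)))
    return findings


# Constructed sample input; none of these values are real credentials.
SAMPLE = '''\
api_key = "q7Zp2LxV9mRt4KsY8nBw3HdJ6cFg1UaE"
api_key = "your_api_key_goes_here_example"
password = "aaaaaaaaaaaaaaaaaaaaaaaa"
build_id = "q7Zp2LxV9mRt4KsY8nBw3HdJ6cFg1UaE"
'''

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Only the first line is reported: the second is dropped by the placeholder allowlist, the third by the entropy threshold, and the fourth because its name carries no sensitive keyword.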
New skills and rules are welcome. The good first issues in docs/GOOD_FIRST_ISSUES.md each say which file to edit and how to know you're done, and CONTRIBUTING.md has the skill template and conventions. If you have an idea, open a discussion.
These tools are for authorized security testing, learning and defensive work. Only scan systems and data you own or have permission to test. The maintainers aren't responsible for misuse.