Claude Code Plugins

Community-maintained marketplace

security-detection

@rjmurillo/ai-agents
Detect infrastructure and security-critical file changes and trigger a security agent review recommendation, so that sensitive modifications get proper security oversight.

SKILL.md

name: security-detection
description: Detect infrastructure and security-critical file changes to trigger security agent review recommendations ensuring proper security oversight for sensitive modifications.
license: MIT
metadata: null
version: 1.0.0
model: claude-haiku-4-5

Security Detection Utility

Purpose

Detect infrastructure and security-critical file changes to trigger security agent review recommendations.

Location

.claude/skills/security-detection/

Available Scripts

| Script | Language | Usage |
| --- | --- | --- |
| detect-infrastructure.ps1 | PowerShell | Windows / cross-platform |
| detect_infrastructure.py | Python 3 | Cross-platform |

Usage

PowerShell

# Analyze staged files
.\detect-infrastructure.ps1 -UseGitStaged

# Analyze specific files
.\detect-infrastructure.ps1 -ChangedFiles @(".github/workflows/ci.yml", "src/auth/login.cs")

Python

# Analyze staged files
python detect_infrastructure.py --git-staged

# Analyze specific files
python detect_infrastructure.py .github/workflows/ci.yml src/auth/login.cs

Output

When security-critical files are detected:

=== Security Review Detection ===

CRITICAL: Security agent review REQUIRED

Matching files:
  [CRITICAL] .github/workflows/deploy.yml
  [HIGH] src/Controllers/AuthController.cs

Run security agent before implementation:
  Task(subagent_type="security", prompt="Review infrastructure changes")

When no matches:

No infrastructure/security files detected.

Risk Levels

| Level | Meaning | Action |
| --- | --- | --- |
| CRITICAL | Immediate security implications | Review REQUIRED |
| HIGH | Potential security impact | Review RECOMMENDED |

Detected Patterns

Critical (Review Required)

  • CI/CD workflows (.github/workflows/*)
  • Git hooks (.githooks/*, .husky/*)
  • Authentication code (**/Auth/**, **/Security/**)
  • Environment files (*.env*)
  • Credentials and keys (*.pem, *.key, *secret*)

High (Review Recommended)

  • Build scripts (build/**/*.ps1, scripts/**/*.sh)
  • Container configs (Dockerfile*, docker-compose*)
  • API controllers (**/Controllers/**)
  • App configuration (appsettings*.json)
  • Infrastructure as Code (*.tf, *.tfvars, *.bicep)
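The following is an added example, not the project's own detect_infrastructure.py, showing how the pattern lists, risk levels and report layout documented above fit together. The pattern lists are copied from the categories listed on this page; the real scripts may carry more entries. Three things here are assumptions made for the example rather than documented behaviour: `**` is treated as zero or more whole directory segments and a pattern with no `/` matches a file name in any directory; matching is case-insensitive so `src/auth/login.cs` (as in the Usage section) still hits `**/Auth/**`; and when only HIGH files match, the header line reads `HIGH: Security agent review RECOMMENDED`, since the page only shows the CRITICAL case. The sample changeset at the bottom is constructed.

```python
import re
import subprocess
import sys

# Pattern lists mirror the categories listed in SKILL.md; the entries in the
# project's own scripts may differ (this is an added example, not project code).
CRITICAL_PATTERNS = [
    ".github/workflows/*", ".githooks/*", ".husky/*",
    "**/Auth/**", "**/Security/**",
    "*.env*", "*.pem", "*.key", "*secret*",
]
HIGH_PATTERNS = [
    "build/**/*.ps1", "scripts/**/*.sh",
    "Dockerfile*", "docker-compose*",
    "**/Controllers/**", "appsettings*.json",
    "*.tf", "*.tfvars", "*.bicep",
]


def glob_to_regex(pattern: str) -> re.Pattern:
    """Translate a repo-relative glob into an anchored regex.

    Assumed semantics: '**' matches zero or more whole directory segments,
    '*' and '?' never cross a '/', and a pattern with no '/' is matched
    against the file name in any directory (so '*.pem' hits 'certs/server.pem').
    """
    if "/" not in pattern:
        pattern = "**/" + pattern
    segments = pattern.split("/")
    parts = []
    for i, seg in enumerate(segments):
        last = i == len(segments) - 1
        if seg == "**":
            parts.append(".*" if last else "(?:[^/]+/)*")
            continue
        seg_re = "".join(
            "[^/]*" if ch == "*" else "[^/]" if ch == "?" else re.escape(ch)
            for ch in seg
        )
        parts.append(seg_re if last else seg_re + "/")
    # Case-insensitive (assumption) so 'auth' vs 'Auth' cannot dodge the rule.
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE)


_COMPILED = {
    "CRITICAL": [glob_to_regex(p) for p in CRITICAL_PATTERNS],
    "HIGH": [glob_to_regex(p) for p in HIGH_PATTERNS],
}


def classify(path: str):
    """Return 'CRITICAL', 'HIGH' or None; CRITICAL wins when both lists match."""
    normalized = path.replace("\\", "/")  # accept Windows-style paths too
    if normalized.startswith("./"):
        normalized = normalized[2:]
    for level in ("CRITICAL", "HIGH"):
        if any(rx.match(normalized) for rx in _COMPILED[level]):
            return level
    return None


def detect(paths):
    """Classify every path; returns (level, path) pairs, CRITICAL first."""
    rank = {"CRITICAL": 0, "HIGH": 1}
    matches = []
    for path in paths:
        level = classify(path)
        if level:
            matches.append((level, path))
    return sorted(matches, key=lambda m: (rank[m[0]], m[1]))


def render(matches) -> str:
    """Produce the report in the layout shown under Output."""
    if not matches:
        return "No infrastructure/security files detected."
    lines = ["=== Security Review Detection ===", ""]
    if matches[0][0] == "CRITICAL":
        lines.append("CRITICAL: Security agent review REQUIRED")
    else:
        lines.append("HIGH: Security agent review RECOMMENDED")  # assumed wording
    lines += ["", "Matching files:"]
    lines += [f"  [{level}] {path}" for level, path in matches]
    lines += ["", "Run security agent before implementation:",
              '  Task(subagent_type="security", prompt="Review infrastructure changes")']
    return "\n".join(lines)


def staged_files():
    """Paths staged in the index: the same set a pre-commit hook sees."""
    result = subprocess.run(
        ["git", "diff", "--cached", "--name-only", "--diff-filter=ACMR"],
        check=True, capture_output=True, text=True,
    )
    return [line for line in result.stdout.splitlines() if line.strip()]


def main(argv) -> int:
    paths = staged_files() if argv == ["--git-staged"] else argv
    print(render(detect(paths)))
    return 0  # always 0: the report is an advisory warning, never a gate


# Constructed sample changeset so the example runs offline.
SAMPLE_CHANGES = [
    ".github/workflows/deploy.yml",
    "src/Controllers/AuthController.cs",
    "docs/README.md",
    "infra\\main.tf",
    "src/auth/login.cs",
    "config/appsettings.Production.json",
]

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:] or SAMPLE_CHANGES))
```

Run it with no arguments to see the report for the constructed changeset, with explicit paths to classify them, or with `--git-staged` inside a repository to read the index the way the pre-commit hook does. Ordering CRITICAL before HIGH means the first match decides the header, which is how the report stays correct without a separate severity computation.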

Integration

Pre-commit Hook

Add to .githooks/pre-commit:

# Security detection (non-blocking warning).
# Redirections are written in POSIX form (not bash's "&>") so the hook also
# works when git runs it under /bin/sh.
if command -v python3 >/dev/null 2>&1; then
    python3 .claude/skills/security-detection/detect_infrastructure.py --git-staged
elif command -v pwsh >/dev/null 2>&1; then
    pwsh -File .claude/skills/security-detection/detect-infrastructure.ps1 -UseGitStaged
fi

CI Integration

- name: Check security-critical files
  run: python .claude/skills/security-detection/detect_infrastructure.py --git-staged

Exit Codes

| Code | Meaning |
| --- | --- |
| 0 | Success (warning shown if matches found, non-blocking) |

Both scripts are designed as non-blocking warnings: they always exit 0 so they never block a commit or a CI run, and the report is informational only.

Customization

Edit the pattern lists in either script to add or modify detection patterns:

  • CRITICAL_PATTERNS / $CriticalPatterns - Review required
  • HIGH_PATTERNS / $HighPatterns - Review recommended

Related Documents