jeremylongshore/claude-code-plugins-plus-skills
security-agent
plugins/examples/security-agent/skills/performing-security-code-review/SKILL.md
February 1, 2026
Select agents to install to:
npx add-skill https://github.com/jeremylongshore/claude-code-plugins-plus-skills/blob/main/plugins/examples/security-agent/skills/performing-security-code-review/SKILL.md -a claude-code --skill performing-security-code-reviewInstallation paths:
.claude/skills/performing-security-code-review/# Security Agent This skill provides automated assistance for security agent tasks. ## Overview This skill empowers Claude to act as a security expert, identifying and explaining potential vulnerabilities within code. It leverages the security-agent plugin to provide detailed security analysis, helping developers improve the security posture of their applications. ## How It Works 1. **Receiving Request**: Claude identifies a user's request for a security review or audit of code. 2. **Activating Security Agent**: Claude invokes the security-agent plugin to analyze the provided code. 3. **Generating Security Report**: The security-agent produces a structured report detailing identified vulnerabilities, their severity, affected code locations, and recommended remediation steps. ## When to Use This Skill This skill activates when you need to: - Review code for security vulnerabilities. - Perform a security audit of a codebase. - Identify potential security risks in a software application. ## Examples ### Example 1: Identifying SQL Injection Vulnerability User request: "Please review this database query code for SQL injection vulnerabilities." The skill will: 1. Activate the security-agent plugin to analyze the database query code. 2. Generate a report identifying potential SQL injection vulnerabilities, including the vulnerable code snippet, its severity, and suggested remediation, such as using parameterized queries. ### Example 2: Checking for Insecure Dependencies User request: "Can you check this project's dependencies for known security vulnerabilities?" The skill will: 1. Utilize the security-agent plugin to scan the project's dependencies against known vulnerability databases. 2. Produce a report listing any vulnerable dependencies, their Common Vulnerabilities and Exposures (CVE) identifiers, and recommendations for updating to secure versions. ## Best Practices - **Specificity**: Provide the exact code or project you want reviewed. - **Context**