Claude Directory

Claude Code setups for security

Scan for vulnerabilities, block leaked secrets, guard against prompt injection, and audit dependencies. Defensive configurations for Claude Code across skills, hooks, and agents.

16 items across skills, agents, plugins, MCP servers, prompts, hooks, and guides.

Skills (2)

Browse all skills

Dependency Audit

Audit project dependencies for security vulnerabilities, outdated packages, and license compliance

dependenciessecurityauditnpm+1

Run a comprehensive security audit covering OWASP Top 10, dependency vulnerabilities, secrets detection, and code injection risks

securityauditowaspvulnerabilities+1

Agents (3)

Browse all agents

Security Auditor

Comprehensive security assessment specialist for threat modeling, penetration testing, and code reviews

Securitysecuritypenetration-testing+3

Code Reviewer Pro

Comprehensive code review agent functioning as a senior engineering lead for quality, security, and best practices

Quality & Testingcode-reviewquality+3

Code Reviewer (Feature Dev)

Reviews code for bugs, logic errors, security vulnerabilities, code quality issues, and adherence to project conventions, using confidence-based filtering to report only high-priority issues

Quality & Testingreviewquality+4

Plugins (4)

Browse all plugins

Security Guidance

Real-time security linter detecting injection vulnerabilities, authentication flaws, and OWASP Top 10 issues. Monitors 9 common vulnerability patterns including SQL injection, XSS, CSRF, and insecure deserialization during file editing.

securityvulnerabilityanalysishooks+2

Dependency Auditor

Audit project dependencies for security vulnerabilities, license compliance issues, outdated packages, and unused dependencies

securitydependenciesauditnpm+1

Manage environment variables across .env files with validation, secret detection, sync across environments, and .env.example generation

envconfigurationsecretsdotenv+1

Trail of Bits Security

Opinionated security-first Claude Code configuration with sandboxing, permission rules, hooks, and security audit skills from professional security researchers

securityaudithardeningconfiguration+1

MCP Servers (3)

Browse all MCP servers

E2B Code Sandbox

Secure cloud sandbox for executing code in isolated environments with full system access

sandboxcode-executionsecuritycloud+1

Scan code for security vulnerabilities, bugs, and anti-patterns using Semgrep static analysis rules

securitysemgrepstatic-analysissast+1

RNWY Trust Intelligence

Check if an AI agent is trustworthy before you hire it. Sybil detection, signed attestations, and reviewer wallet analysis across 150,000+ agents. Free, no key.

trustsecurityai-agentsblockchain+1

Hooks (4)

Browse all hooks

Dependency Vulnerability Check

Runs npm audit / pip-audit / cargo audit when dependency manifests change, blocking edits that introduce known vulnerabilities

securitydependenciesvulnerabilityaudit+1

Scans files for accidentally committed secrets, API keys, and credentials before they are written

securitysecretsscanningprevention

Prompt Injection Defense

Scans tool outputs for prompt injection patterns including instruction overrides, role-playing attempts, and encoding obfuscation

securityprompt-injectiondefensescanning

Environment Variable Leak Detector

Scans files after edits for hardcoded secrets, API keys, and tokens that should be in environment variables

securitysecretsenvironment-variablesapi-keys+1

Other use cases

Code Review Testing Git Workflows Documentation Debugging Performance Deployment & CI/CD Databases API Development