security-scan

Run full security scans on the codebase using Ruflo security tools

Stars: 56,726
Source: ruvnet/claude-flow
Updated: 2026-05-31
Slug: ruvnet--claude-flow--security-scan

// install — copy + paste into any project

mkdir -p .claude/skills && curl -fsSL https://raw.githubusercontent.com/ruvnet/claude-flow/HEAD/plugins/ruflo-security-audit/skills/security-scan/SKILL.md -o .claude/skills/security-scan.md

Drops the SKILL.md into .claude/skills/security-scan.md. Works with Claude Code, Cursor, and any agent that loads SKILL.md files from .claude/skills/.

Run a security scan at the specified depth.

Via CLI:

npx @claude-flow/cli@latest security scan --depth DEPTH
npx @claude-flow/cli@latest security cve --check
npx @claude-flow/cli@latest security report --format markdown

Depth	Checks
quick	Dependencies, known CVEs
standard	+ Input validation, path traversal, secrets
full	+ Threat modeling, injection vectors, auth flows

Store findings via MCP: mcp__claude-flow__memory_store({ key: "scan-findings", value: "SUMMARY", namespace: "security" })

Train patterns: mcp__claude-flow__hooks_post-task({ taskId: "security-scan", success: true, storeResults: true })