feat: initial open marketplace with llm-security, config-audit, ultraplan-local

plugins/llm-security/commands/deep-scan.md

@@ -0,0 +1,42 @@
+---
+name: security:deep-scan
+description: Run deterministic deep-scan — 9 Node.js scanners for Unicode attacks, entropy analysis, permission mapping, dependency auditing, taint tracing, git forensics, network mapping, memory poisoning, and toxic flow analysis
+allowed-tools: Read, Glob, Grep, Bash, Agent
+model: sonnet
+---
+
+# /security deep-scan [path]
+
+9 deterministic Node.js scanners — entropy, Unicode, typosquatting, git forensics, taint tracing, dep audit, network mapping, memory poisoning, toxic flow analysis.
+
+## Step 1: Setup
+
+- `$ARGUMENTS` empty → target = cwd. Otherwise target = `$ARGUMENTS` (strip `--deep`).
+- Plugin root = parent of this `commands/` folder.
+- Get temp path: `node -p "require('path').join(require('os').tmpdir(), 'deep-scan-results.json')"`
+
+## Step 2: Run Orchestrator
+
+```bash
+node <plugin-root>/scanners/scan-orchestrator.mjs "<target>" --output-file "<results_file>"
+```
+
+Exit 0=ALLOW, 1=WARNING, 2=BLOCK. Stdout = compact aggregate JSON. Full results in file.
+
+## Step 3: Show Banner
+
+```
+## Deep Scan: [VERDICT]
+Risk Score: X/100 | Findings: XC XH XM XL XI
+Scanners: X ok, X error, X skipped
+```
+
+## Step 4: Synthesize Report
+
+Spawn `subagent_type: "llm-security:deep-scan-synthesizer-agent"`, `model: "sonnet"`:
+
+> Read scan results from: \<results_file\>
+> Read: \<plugin-root\>/knowledge/mitigation-matrix.md
+> Produce complete report with actionable insights. Don't pad.
+
+Output the synthesizer's report. If it fails, show banner + CRITICAL/HIGH findings from JSON.