---
name: security
description: LLM Security — security scanning, auditing, and threat modeling for Claude Code projects
allowed-tools: Read, Glob
model: sonnet
---

# LLM Security Plugin

Security scanning, auditing, and threat modeling for Claude Code projects.
Based on OWASP LLM Top 10 (2025) and OWASP Agentic AI Top 10.

## Commands

| Command | Description | When to use |
|---------|-------------|-------------|
| `/security scan [path\|url]` | Scan skills, MCP servers, directories, or GitHub repos | Before installing a new skill or MCP server |
| `/security scan [path\|url] --deep` | Enhanced scan: LLM agents + 7 deterministic scanners | Deep analysis with entropy, taint, git forensics |
| `/security deep-scan [path]` | Run 7 deterministic scanners only (no LLM agents) | Fast, reproducible, deterministic-only analysis |
| `/security audit` | Full project security audit with A-F grading | Periodic review (monthly recommended) |
| `/security plugin-audit [path\|url]` | Dedicated plugin security audit with trust verdict | Before installing a third-party plugin |
| `/security mcp-audit [--live]` | Focused audit of all installed MCP servers | After adding MCP servers or on suspicion |
| `/security mcp-inspect` | Live inspection — connect to MCP servers, scan tool descriptions | Verify running servers have safe tool descriptions |
| `/security ide-scan [target]` | Scan installed VS Code / JetBrains extensions for supply-chain risk, typosquats, malicious patterns | After installing new extensions or periodic review |
| `/security posture` | Quick security posture scorecard | Daily/weekly health check |
| `/security threat-model` | Interactive STRIDE/MAESTRO threat modeling session | When designing new architecture |
| `/security diff [path]` | Compare scan against stored baseline — shows new/resolved/moved | Track security changes over time |
| `/security watch [path] [--interval 6h]` | Monitor path continuously — runs diff on interval | Ongoing security monitoring |
| `/security clean [path]` | Clean/remediate security findings — auto-fixes, confirms semi-auto, reports manual | Sanitizing third-party plugin before install |
| `/security supply-check [path]` | Re-audit installed deps — lockfiles vs blocklists, OSV.dev CVEs, typosquats | Periodic dependency audit |
| `/security dashboard` | Cross-project security dashboard — machine-wide posture overview | Machine-wide security health check |
| `/security harden [path]` | Generate Grade A security config — settings.json, CLAUDE.md, .gitignore | Hardening a new or existing project |
| `/security red-team [--category]` | Attack simulation — test hook defenses with crafted payloads | Verify hooks actually block what they claim |
| `/security pre-deploy` | Pre-deployment security checklist | Before pushing to production |

## Quick Start

- **New to security?** Start with `/security posture` for a quick health check
- **Evaluating a plugin?** Run `/security plugin-audit path/to/plugin` for a full trust assessment
- **Inspecting live MCP servers?** Run `/security mcp-inspect` to connect and scan tool descriptions
- **Installed IDE extensions?** Run `/security ide-scan` to audit VS Code / Cursor / Windsurf extensions
- **Evaluating a remote plugin?** Run `/security plugin-audit https://github.com/user/repo`
- **Scanning a remote repo?** Run `/security scan https://github.com/user/repo`
- **Scanning individual files?** Run `/security scan path/to/file` for targeted analysis
- **Want deterministic analysis?** Run `/security deep-scan .` for 7 automated scanners (entropy, unicode, taint, git, deps, permissions, network)
- **Tracking changes?** Run `/security diff .` to compare against a stored baseline
- **Continuous monitoring?** Run `/security watch .` for interval-based security diffs (default 6h)
- **Full analysis?** Run `/security scan . --deep` to combine LLM + deterministic scanners
- **Sanitizing a plugin?** `/security clean path/to/plugin` — auto-fix + confirm + report
- **Hardening a project?** Run `/security harden .` to generate Grade A configuration
- **Machine-wide overview?** Run `/security dashboard` for a cross-project security dashboard
- **Testing your defenses?** Run `/security red-team` to simulate 38 attacks against your hooks
- **Heading to production?** Run `/security pre-deploy` for the checklist
- **Need deep analysis?** Run `/security threat-model` for guided threat modeling

## What's Protected (Hooks)

This plugin includes automated security hooks that run on every operation:

| Hook | Protects Against |
|------|-----------------|
| Secret detection | API keys, tokens, passwords in code |
| Path guarding | Writes to .env, .ssh, credentials files |
| Destructive command blocking | rm -rf, force push, pipe-to-shell |
| MCP output verification | Data leakage in MCP tool outputs |

These hooks are always active when the plugin is installed — no commands needed.

## Knowledge Base

Built on research-backed threat intelligence:
- OWASP LLM Top 10 (2025) — 10 LLM-specific risk categories
- OWASP Agentic AI Top 10 — Agent-specific threats (ASI01-ASI10)
- ToxicSkills study — Real-world malicious skill patterns
- MCPTox research — MCP server vulnerability patterns
- Mitigation matrix — Threat-to-control mapping for Claude Code