---
name: security
description: LLM Security — security scanning, auditing, and threat modeling for AI coding agent projects
---

# LLM Security Plugin

Security scanning, auditing, and threat modeling. Based on OWASP LLM Top 10 (2025), Agentic AI Top 10, Skills Top 10, MCP Top 10, and DeepMind Agent Traps.

## Skills

| Skill | Description | When to use |
|-------|-------------|-------------|
| `scan [path\|url]` | Scan skills, MCP servers, directories, or repos | Before installing a new skill or MCP server |
| `scan [path\|url] --deep` | Enhanced scan: LLM + 10 deterministic scanners | Deep analysis with entropy, taint, git forensics |
| `deep-scan [path]` | 10 deterministic scanners only (no LLM agents) | Fast, reproducible, deterministic-only analysis |
| `audit` | Full project security audit with A-F grading | Periodic review (monthly recommended) |
| `plugin-audit [path\|url]` | Plugin security audit with trust verdict | Before installing a third-party plugin |
| `mcp-audit [--live]` | MCP server config audit | After adding MCP servers or on suspicion |
| `mcp-inspect` | Live MCP server inspection | Verify running servers have safe tool descriptions |
| `posture` | Quick security posture scorecard | Daily/weekly health check |
| `threat-model` | Interactive STRIDE/MAESTRO threat modeling | When designing new architecture |
| `diff [path]` | Compare scan against stored baseline | Track security changes over time |
| `watch [path] [--interval 6h]` | Continuous monitoring — diff on interval | Ongoing security monitoring |
| `clean [path]` | Scan and remediate findings | Sanitizing third-party plugin before install |
| `supply-check [path]` | Re-audit installed deps | Periodic dependency audit |
| `dashboard` | Cross-project security dashboard | Machine-wide health check |
| `harden [path]` | Generate Grade A security config | Hardening a new or existing project |
| `red-team [--category]` | Attack simulation against hooks | Verify hooks block what they claim |
| `pre-deploy` | Pre-deployment security checklist | Before pushing to production |
| `registry [scan\|search]` | Skill signature registry | Track scanned skills |

## What's Protected (Hooks)

This plugin includes automated security hooks that run on every operation:

| Hook | Protects Against |
|------|-----------------|
| Secret detection | API keys, tokens, passwords in code |
| Path guarding | Writes to .env, .ssh, credentials files |
| Destructive command blocking | rm -rf, force push, pipe-to-shell |
| Supply chain protection | Compromised packages, typosquats |
| Prompt injection scanning | Injection attempts in user prompts |
| MCP output verification | Data leakage in tool outputs |
| Session monitoring | Lethal trifecta detection (untrusted input + sensitive data + exfil) |

## Quick Start

- **New to security?** Start with `posture` for a quick health check
- **Evaluating a plugin?** Run `plugin-audit path/to/plugin`
- **Full analysis?** Run `scan . --deep` to combine LLM + deterministic scanners
- **Machine-wide overview?** Run `dashboard`