ktg-plugin-marketplace/plugins/llm-security-copilot/skills/deep-scan/SKILL.md
Kjell Tore Guttormsen f418a8fe08 feat(llm-security-copilot): port llm-security v5.1.0 to GitHub Copilot CLI
Full port of llm-security plugin for internal use on Windows with GitHub
Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs)
normalizes Copilot camelCase I/O to Claude Code snake_case format — all
original hook scripts run unmodified.

- 8 hooks with protocol translation (stdin/stdout/exit code)
- 18 SKILL.md skills (Agent Skills Open Standard)
- 6 .agent.md agent definitions
- 20 scanners + 14 scanner lib modules (unchanged)
- 14 knowledge files (unchanged)
- 39 test files including copilot-port-verify.mjs (17 tests)
- Windows-ready: node:path, os.tmpdir(), process.execPath, no bash

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 21:56:10 +02:00

1.9 KiB

name: security-deep-scan
description: Run deterministic deep-scan — 10 Node.js scanners for Unicode attacks, entropy analysis, permission mapping, dependency auditing, taint tracing, git forensics, network mapping, memory poisoning, supply chain recheck, and toxic flow analysis

Deep Scan

10 deterministic Node.js scanners — entropy, Unicode, typosquatting, git forensics, taint tracing, dep audit, network mapping, memory poisoning, supply chain recheck, toxic flow analysis.

Step 1: Setup

  • If $ARGUMENTS is empty, target = current working directory. Otherwise target = $ARGUMENTS (strip --deep if present).
  • Create a temporary file path for results (e.g. using node -p "require('path').join(require('os').tmpdir(), 'deep-scan-results.json')").

Step 2: Run Orchestrator

node <plugin-root>/scanners/scan-orchestrator.mjs "<target>" --output-file "<results_file>"

Exit codes: 0=ALLOW, 1=WARNING, 2=BLOCK. Stdout = compact aggregate JSON. Full results in file.

Step 3: Show Banner

## Deep Scan: [VERDICT]
Risk Score: X/100 | Findings: XC XH XM XL XI
Scanners: X ok, X error, X skipped

Step 4: Synthesize Report

Read the full results from <results_file>. Also read <plugin-root>/knowledge/mitigation-matrix.md for remediation context.

Produce a complete report with:

  1. Executive Summary — 3-5 sentences: posture assessment, dominant issue themes, intent assessment
  2. Per-Scanner Details — Group findings by severity (CRITICAL first). Highlight important findings, explain implications.
  3. Toxic Flow Analysis — If toxic-flow findings exist, show the trifecta chain legs (Input, Access, Exfil) with evidence
  4. Recommendations — Prioritized by urgency. Include finding IDs and actionable fix steps.
  5. OWASP Coverage — Map findings to OWASP LLM Top 10 and Agentic AI Top 10 categories.

Do NOT invent findings. Do NOT downplay CRITICAL or HIGH severity issues.
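
Steps 1 to 3 as a Node.js wrapper, added here as an illustration and not part of the plugin's own code. The function names, the `pluginRoot` parameter and the aggregate JSON field names (`riskScore`, `counts`, `scanners`) are assumptions, since the page does not show the orchestrator's output schema. It uses a private temp directory in place of the fixed file name from Step 1.

```javascript
// Added example, not plugin code. The aggregate field names (riskScore, counts,
// scanners) are assumptions; the page does not show the orchestrator's JSON schema.
const VERDICTS = { 0: "ALLOW", 1: "WARNING", 2: "BLOCK" };

// Step 1: empty arguments mean the current directory; --deep is stripped.
function resolveTarget(argString, cwd) {
  const target = argString.replace(/(^|\s)--deep(?=\s|$)/g, " ").trim();
  return target || cwd;
}

// Step 2: anything other than 0/1/2 (a crash, or null when the process was
// killed by a signal) is reported as ERROR and never read as ALLOW.
function verdictFromExit(status) {
  return VERDICTS[status] ?? "ERROR";
}

// Step 3: banner in the layout the skill prescribes.
function renderBanner(verdict, agg) {
  const c = agg.counts;
  const s = agg.scanners;
  return [
    `## Deep Scan: ${verdict}`,
    `Risk Score: ${agg.riskScore}/100 | Findings: ${c.critical}C ${c.high}H ${c.medium}M ${c.low}L ${c.info}I`,
    `Scanners: ${s.ok} ok, ${s.error} error, ${s.skipped} skipped`,
  ].join("\n");
}

async function runDeepScan(pluginRoot, argString) {
  const { spawnSync } = await import("node:child_process");
  const { mkdtempSync } = await import("node:fs");
  const { tmpdir } = await import("node:os");
  const { join } = await import("node:path");
  // Private temp directory instead of a fixed, guessable file name in the shared tmpdir.
  const resultsFile = join(mkdtempSync(join(tmpdir(), "deep-scan-")), "results.json");
  // Argument array and no shell: quotes or & in the target cannot change the command.
  const run = spawnSync(
    process.execPath,
    [join(pluginRoot, "scanners", "scan-orchestrator.mjs"),
     resolveTarget(argString, process.cwd()), "--output-file", resultsFile],
    { encoding: "utf8" },
  );
  const verdict = verdictFromExit(run.status);
  try {
    return { verdict, resultsFile, banner: renderBanner(verdict, JSON.parse(run.stdout)) };
  } catch {
    // Unparseable stdout or missing sections: fail closed rather than trust the exit code alone.
    return { verdict: "ERROR", resultsFile, banner: "## Deep Scan: ERROR" };
  }
}
```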