From 1144549f21d3970ed3f6896d3e582e95351e90a8 Mon Sep 17 00:00:00 2001
From: Zhongwei Li
Date: Sat, 29 Nov 2025 17:52:53 +0800
Subject: [PATCH] Initial commit
---
.claude-plugin/plugin.json | 12 ++++++++++
README.md | 3 +++
commands/audit.md | 25 +++++++++++++++++++++
plugin.lock.json | 45 ++++++++++++++++++++++++++++++++++++++
4 files changed, 85 insertions(+)
create mode 100644 .claude-plugin/plugin.json
create mode 100644 README.md
create mode 100644 commands/audit.md
create mode 100644 plugin.lock.json
diff --git a/.claude-plugin/plugin.json b/.claude-plugin/plugin.json
new file mode 100644
index 0000000..14d69be
--- /dev/null
+++ b/.claude-plugin/plugin.json
@@ -0,0 +1,12 @@
+{
+ "name": "audit",
+ "description": "Perform security audit on codebase",
+ "version": "1.0.0",
+ "author": {
+ "name": " Anand Tyagi",
+ "url": "https://github.com/ananddtyagi"
+ },
+ "commands": [
+ "./commands/"
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2de8191
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+# audit
+
+Perform security audit on codebase
diff --git a/commands/audit.md b/commands/audit.md
new file mode 100644
index 0000000..a4a3f6a
--- /dev/null
+++ b/commands/audit.md
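Review bot: In `.claude-plugin/plugin.json` the author name is written `" Anand Tyagi"` with a leading space inside the string, which will show up in any listing that prints it and will defeat exact-match lookups on the author; it should read `"name": "Anand Tyagi",`. The file also ends without a trailing newline.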
@@ -0,0 +1,25 @@
+---
+allowed-tools: Bash(find:*), Bash(grep:*)
+description: Perform security audit on codebase
+---
+
+## Context
+
+- Package.json dependencies: @package.json
+- Environment files: !`find . -name ".env*" -o -name "config.*" | head -10`
+- Potential security files: !`find . -name "*secret*" -o -name "*key*" -o -name "*password*" | head -10`
+
+## Your task
+
+Perform a security audit focusing on:
+
+1. **Dependency vulnerabilities**: Check for known CVEs
+2. **Authentication/Authorization**: Review auth implementations
+3. **Input validation**: Check for injection vulnerabilities
+4. **Data exposure**: Look for sensitive data leaks
+5. **Configuration security**: Review security configurations
+6. **Secrets management**: Ensure proper secret handling
+
+Target: $ARGUMENTS (if specified, otherwise audit entire codebase)
+
+Provide prioritized findings with remediation steps.
\ No newline at end of file
diff --git a/plugin.lock.json b/plugin.lock.json
new file mode 100644
index 0000000..d11a2b7
--- /dev/null
+++ b/plugin.lock.json
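Review bot: The frontmatter line `allowed-tools: Bash(find:*), Bash(grep:*)` in `commands/audit.md` pre-approves every `find` invocation, and `find` accepts actions such as `-exec` and `-delete`, so the grant is far wider than the read-only listings the two Context commands need. Because the command feeds repository file names, `@package.json` and `$ARGUMENTS` into the prompt, text inside the audited repository could steer the model toward one of those pre-approved invocations; narrowing the entry to the exact commands used would close that path, and how the trailing `| head -10` is matched against the allow-list is worth confirming in the Claude Code documentation. The `find` calls also do not prune `node_modules` or `.git` and stop at ten results, so real `.env` files can be crowded out by dependency noise. For the secrets item, consider adding a line to the task text such as `Report the path and type of any secret found; never print its value.`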
@@ -0,0 +1,45 @@
+{
+ "$schema": "internal://schemas/plugin.lock.v1.json",
+ "pluginId": "gh:ananddtyagi/claude-code-marketplace:plugins/audit",
+ "normalized": {
+ "repo": null,
+ "ref": "refs/tags/v20251128.0",
+ "commit": "b1450df34bb4b06c5e4d37e3ba6d360c72888ab1",
+ "treeHash": "3ebb187f64b92fbd3dad94820ccf5bdf57ddf28375b84275009dbfbd01f55c97",
+ "generatedAt": "2025-11-28T10:13:19.888757Z",
+ "toolVersion": "publish_plugins.py@0.2.0"
+ },
+ "origin": {
+ "remote": "git@github.com:zhongweili/42plugin-data.git",
+ "branch": "master",
+ "commit": "aa1497ed0949fd50e99e70d6324a29c5b34f9390",
+ "repoRoot": "/Users/zhongweili/projects/openmind/42plugin-data"
+ },
+ "manifest": {
+ "name": "audit",
+ "description": "Perform security audit on codebase",
+ "version": "1.0.0"
+ },
+ "content": {
+ "files": [
+ {
+ "path": "README.md",
+ "sha256": "e275dbda7c18465426500ed1dfb05e905702bb52b7dcf71203b52bcfbd689390"
+ },
+ {
+ "path": ".claude-plugin/plugin.json",
+ "sha256": "bb21d216821cdb44b7d6fc55c900b90b523a6b86edfdac3d1059fb9afe94cd29"
+ },
+ {
+ "path": "commands/audit.md",
+ "sha256": "ad478b66fce0fcccbb8150c33ae40d35c3b7a1f41cd29243ed2194691cea691e"
+ }
+ ],
+ "dirSha256": "3ebb187f64b92fbd3dad94820ccf5bdf57ddf28375b84275009dbfbd01f55c97"
+ },
+ "security": {
+ "scannedAt": null,
+ "scannerVersion": null,
+ "flags": []
+ }
+}
\ No newline at end of file