Initial commit

commands/security-scan.md

@@ -0,0 +1,59 @@
+---
+description: Perform comprehensive security scan and vulnerability assessment
+argument-hint: [scan-type] [severity-level]
+---
+
+# Security Scan Command
+
+Perform comprehensive security scan and vulnerability assessment with detailed reporting.
+
+## Context
+- Scan type: $1 (dependencies|code|infrastructure|all - default: all)
+- Severity level: $2 (low|medium|high|critical - default: medium)
+- Current dependencies: @package.json
+- Security configuration: @.securityrc
+
+## Security Scan Process
+
+### 1. **Dependency Scanning**
+- Check for known vulnerabilities
+- Validate license compliance
+- Identify outdated packages
+- Assess supply chain risks
+
+### 2. **Code Analysis**
+- Static Application Security Testing (SAST)
+- Secret detection and credential scanning
+- Code quality and security patterns
+- OWASP Top 10 compliance check
+
+### 3. **Infrastructure Security**
+- Configuration security validation
+- Network security assessment
+- Access control verification
+- Compliance framework validation
+
+### 4. **Security Reporting**
+- Vulnerability assessment report
+- Risk prioritization and scoring
+- Remediation recommendations
+- Compliance status summary
+
+## Security Standards
+- OWASP Top 10 compliance
+- Industry security best practices
+- Regulatory compliance (GDPR, HIPAA, SOC 2)
+- Internal security policies
+
+## Expected Outcome
+- Comprehensive security assessment report
+- Prioritized vulnerability list
+- Detailed remediation guidance
+- Compliance status validation
+
+## Critical Issues
+If critical vulnerabilities found:
+- Immediate notification to security team
+- Emergency remediation plan
+- Deployment halt recommendations
+- Incident response procedures