Major streamlining achievement:
- Eliminate 2,733 lines of duplicate content across commands
- Reduce individual command files by ~70% (130-150 → 35-60 lines)
- Leverage existing shared/*.yml reference patterns
- Maintain full Claude Code compliance

Benefits:
• Single source of truth for universal content
• Guaranteed consistency across all commands
• Dramatically reduced maintenance overhead
• Massive token efficiency improvements

Implementation:
- Universal Legend: @include shared/universal-constants.yml#Universal Legend
- Universal Flags: @include shared/flag-inheritance.yml#Universal_Always
- Command patterns: References to appropriate shared/*.yml files
- Template system: Enhanced command-patterns.yml

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
/scan - Security and quality scanning
@include shared/universal-constants.yml#Universal_Legend
Purpose
Perform comprehensive security, quality, and dependency scanning on code specified in $ARGUMENTS.
Syntax
/scan [flags] [target]
@include shared/flag-inheritance.yml#Universal_Always
Examples:
/scan --security - Security vulnerability scan
/scan --deps - Dependency audit
/scan --validate - Full validation scan
/scan --quick - Quick scan for critical issues
Command-Specific Flags
--security: "Deep security vulnerability scanning (OWASP, CVEs, secrets)"
--deps: "Dependency vulnerability audit w/ fix recommendations"
--validate: "Comprehensive validation (syntax, types, logic, security)"
--quick: "Fast scan focusing on critical issues only"
--fix: "Auto-fix safe issues"
--strict: "Zero-tolerance mode (fail on any issue)"
--report: "Generate detailed report"
--ci: "CI-friendly output format"
Scan Types
Security Scan: OWASP Top 10 | Injection vulnerabilities | Auth flaws | Sensitive data exposure | Hardcoded secrets | CVE database check
Dependency Scan: Known vulnerabilities | Outdated packages | License compliance | Supply chain risks | Transitive dependencies
Code Quality: Complexity metrics | Duplication | Dead code | Type safety | Best practices | Performance antipatterns
Configuration: Misconfigured services | Insecure defaults | Missing security headers | Exposed endpoints | Weak crypto
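The "Hardcoded secrets" item in the Security Scan list is the one check above that is cheap enough to run in every mode, including --quick. The block below is an added example, not part of the SuperClaude /scan command file or its shared/*.yml patterns: a minimal secret detector that combines known-format patterns (the AWS access-key-ID format is real; the other patterns and the 3.5-bit entropy threshold are assumptions chosen for this example) with a Shannon-entropy check, so low-entropy placeholders such as "changeme" are not reported as secrets. The sample source text is constructed for the example.

```python
"""Added example (not the /scan command's own code): pattern + entropy secret scanner."""
import math
import re

# Known-format and generic patterns. Only the AWS key format is a documented
# format; the private-key header is the PEM header; the generic assignment rule
# is a deliberately broad catch-all (assumption for this example).
PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "generic-assignment": re.compile(
        r"(?i)(?:password|passwd|secret|api[_-]?key|token)\s*[:=]\s*['\"]([^'\"]{8,})['\"]"
    ),
}

# Bits per character below which an assigned value is treated as a placeholder
# rather than a real secret (assumption for this example, tune per code base).
ENTROPY_THRESHOLD = 3.5

# Constructed sample file: one placeholder, one AWS key, one high-entropy
# token, one value read from the environment (no literal to report).
SAMPLE = """\
# constructed sample file for the example
DB_PASSWORD = "changeme"
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
api_key = "q8F3zL0pXw9KdR2vN7tB"
token = os.environ["API_TOKEN"]
"""


def shannon_entropy(s: str) -> float:
    """Shannon entropy in bits per character; 0.0 for the empty string."""
    if not s:
        return 0.0
    counts: dict[str, int] = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_source(text: str, path: str = "<input>") -> list[dict]:
    """Return one finding per (line, rule) hit. Generic assignments are only
    reported when the assigned value has enough entropy to look like a secret."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule, pat in PATTERNS.items():
            m = pat.search(line)
            if not m:
                continue
            if rule == "generic-assignment":
                if shannon_entropy(m.group(1)) < ENTROPY_THRESHOLD:
                    continue  # placeholder such as "changeme": skip
            findings.append(
                {"rule": rule, "path": path, "line": lineno, "severity": "critical"}
            )
    return findings


if __name__ == "__main__":
    for f in scan_source(SAMPLE, "config.py"):
        print(f"{f['path']}:{f['line']}: {f['rule']} [{f['severity']}]")
```

Running the block on the constructed sample reports the AWS key on line 3 and the high-entropy api_key on line 4, while the "changeme" placeholder on line 2 and the environment lookup on line 5 are not reported. The entropy gate is what keeps the generic rule usable in a --quick scan; without it, every test fixture with a dummy password becomes a critical finding.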
Validation Levels
Quick (--quick): Critical security only | Known CVEs | Hardcoded secrets | SQL injection | XSS vulnerabilities
Standard (default): All security checks | Major quality issues | Dependency vulnerabilities | Configuration problems
Strict (--strict): Everything + minor issues | Style violations | Documentation gaps | Test coverage | Performance warnings
@include shared/security-patterns.yml#OWASP_Top_10
Deliverables
Reports: .claudedocs/scans/security-{timestamp}.md | Severity classification | Fix recommendations | Risk assessment
Fix Scripts: Auto-generated patches | Safe automated fixes | Manual fix instructions | Rollback procedures
CI Integration: Exit codes | JSON output | SARIF format | GitHub/GitLab integration
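The Validation Levels above (what --quick, the default and --strict report) and the CI deliverables (exit codes, JSON, SARIF) are two views of one pipeline: filter findings by level, serialise, decide pass/fail. The block below is an added example of that pipeline, not code from the /scan command file or the SuperClaude project. The severity ordering, the level-to-threshold mapping and the rule that only --strict fails on non-high findings are assumptions of this example; the command file lists the categories but does not fix those values. The findings list is constructed for the example.

```python
"""Added example (not the /scan command's own code): level filtering, SARIF 2.1.0
output and CI exit-code mapping for a list of scan findings."""
import json

# Severity ordering and per-level minimum severity (assumptions for this example).
SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}
LEVEL_THRESHOLD = {"quick": "critical", "standard": "medium", "strict": "info"}

# SARIF 2.1.0 result levels are limited to none/note/warning/error.
SARIF_LEVEL = {"info": "note", "low": "note", "medium": "warning",
               "high": "error", "critical": "error"}

# Constructed findings covering one item from each validation level.
SAMPLE_FINDINGS = [
    {"rule": "hardcoded-secret", "severity": "critical", "path": "src/config.py",
     "line": 12, "message": "AWS access key ID assigned to a literal"},
    {"rule": "sql-injection", "severity": "high", "path": "src/db.py",
     "line": 40, "message": "Query built with string formatting from request input"},
    {"rule": "outdated-dependency", "severity": "medium", "path": "requirements.txt",
     "line": 3, "message": "Package pinned to a version with a known advisory"},
    {"rule": "missing-docstring", "severity": "info", "path": "src/util.py",
     "line": 1, "message": "Public module has no docstring"},
]


def filter_findings(findings, level="standard"):
    """Keep findings at or above the minimum severity for the given level."""
    threshold = SEVERITY_RANK[LEVEL_THRESHOLD[level]]
    return [f for f in findings if SEVERITY_RANK[f["severity"]] >= threshold]


def to_sarif(findings, tool_name="scan-example"):
    """Build a minimal SARIF 2.1.0 log: one run, one rule per distinct rule id."""
    rules, results = {}, []
    for f in findings:
        rules.setdefault(f["rule"], {"id": f["rule"],
                                     "shortDescription": {"text": f["message"]}})
        results.append({
            "ruleId": f["rule"],
            "level": SARIF_LEVEL[f["severity"]],
            "message": {"text": f["message"]},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": f["path"]},
                "region": {"startLine": f["line"]},
            }}],
        })
    return {
        "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
        "version": "2.1.0",
        "runs": [{"tool": {"driver": {"name": tool_name, "rules": list(rules.values())}},
                  "results": results}],
    }


def exit_code(findings, level="standard"):
    """0 = pass. --strict fails on any finding (zero tolerance); other levels
    fail only when a high or critical finding is present (assumed policy)."""
    if not findings:
        return 0
    if level == "strict":
        return 1
    worst = max(SEVERITY_RANK[f["severity"]] for f in findings)
    return 1 if worst >= SEVERITY_RANK["high"] else 0


if __name__ == "__main__":
    level = "standard"
    kept = filter_findings(SAMPLE_FINDINGS, level)
    print(json.dumps(to_sarif(kept), indent=2))
    raise SystemExit(exit_code(kept, level))
```

On the constructed findings, --quick keeps only the hardcoded secret, the default level drops the docstring gap, and --strict keeps all four. The exit-code step is applied to the filtered list, so a medium-only result passes at the default level but fails under --strict, which is what "zero-tolerance mode (fail on any issue)" implies. GitHub and GitLab both ingest SARIF directly, so the same document serves as the JSON deliverable and the code-scanning upload.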
@include shared/universal-constants.yml#Success_Messages