SuperClaude/.claude/commands/scan.md
NomenAK 23a103d5dc refactor: Standardize @include reference system across all command files
- Fix @include references to use underscore format (Universal_Legend, Standard_Messages_Templates)
- Add missing ultracompressed.yml shared pattern file
- Update broken reference paths in all 18 command files
- Ensure consistent template naming across command system
- Optimize command file structure with standardized includes

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-25 00:21:27 +02:00


@include shared/universal-constants.yml#Universal_Legend

Command Execution

Execute: immediate. --plan→show plan first
Legend: Generated based on symbols used in command
Purpose: "[Action][Subject] in $ARGUMENTS"

Perform comprehensive security, quality, and dependency scanning on code specified in $ARGUMENTS.

@include shared/flag-inheritance.yml#Universal_Always

Examples:

  • /scan --security - Security vulnerability scan
  • /scan --deps - Dependency audit
  • /scan --validate - Full validation scan
  • /scan --quick - Quick scan for critical issues

Command-Specific Flags

--security: "Deep security vulnerability scanning (OWASP, CVEs, secrets)"
--deps: "Dependency vulnerability audit w/ fix recommendations"
--validate: "Comprehensive validation (syntax, types, logic, security)"
--quick: "Fast scan focusing on critical issues only"
--fix: "Auto-fix safe issues"
--strict: "Zero-tolerance mode (fail on any issue)"
--report: "Generate detailed report"
--ci: "CI-friendly output format"

Scan Types

Security Scan: OWASP Top 10 | Injection vulnerabilities | Auth flaws | Sensitive data exposure | Hardcoded secrets | CVE database check

Dependency Scan: Known vulnerabilities | Outdated packages | License compliance | Supply chain risks | Transitive dependencies

Code Quality: Complexity metrics | Duplication | Dead code | Type safety | Best practices | Performance antipatterns

Configuration: Misconfigured services | Insecure defaults | Missing security headers | Exposed endpoints | Weak crypto

Validation Levels

Quick (--quick): Critical security only | Known CVEs | Hardcoded secrets | SQL injection | XSS vulnerabilities

Standard (default): All security checks | Major quality issues | Dependency vulnerabilities | Configuration problems

Strict (--strict): Everything + minor issues | Style violations | Documentation gaps | Test coverage | Performance warnings

@include shared/security-patterns.yml#OWASP_Top_10

Deliverables

Reports: .claudedocs/scans/security-{timestamp}.md | Severity classification | Fix recommendations | Risk assessment

Fix Scripts: Auto-generated patches | Safe automated fixes | Manual fix instructions | Rollback procedures

CI Integration: Exit codes | JSON output | SARIF format | GitHub/GitLab integration
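
An added example, not part of SuperClaude or this command file: one way the validation levels above could gate findings and feed the CI deliverables (SARIF output, exit codes). The rule IDs, severity cut-offs, the tool name `example-scan`, and the sample file are assumptions constructed for illustration.

```python
import json
import re

# Assumption: severity ranks and per-level cut-offs; the page names the levels only.
RANK = {"critical": 3, "major": 2, "minor": 1}
REPORT_FROM = {"quick": 3, "standard": 2, "strict": 1}
SARIF_LEVEL = {"critical": "error", "major": "warning", "minor": "note"}

# Constructed rules: (id, severity, description, pattern).
RULES = [
    ("SEC001", "critical", "Hardcoded AWS access key ID", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("SEC002", "major", "Hardcoded password", re.compile(r"(?i)\bpassword\s*=\s*['\"][^'\"]+['\"]")),
    ("DOC001", "minor", "TODO marker left in code", re.compile(r"\bTODO\b")),
]

def scan(files, level="standard"):
    """Return findings at or above the level's cut-off; matched text is never stored."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for rule_id, sev, desc, pat in RULES:
                if RANK[sev] >= REPORT_FROM[level] and pat.search(line):
                    findings.append({"rule": rule_id, "severity": sev,
                                     "message": desc, "path": path, "line": lineno})
    return findings

def to_sarif(findings):
    """Build a SARIF 2.1.0 log (as a dict) with one result per finding."""
    results = [{
        "ruleId": f["rule"],
        "level": SARIF_LEVEL[f["severity"]],
        "message": {"text": f["message"]},
        "locations": [{"physicalLocation": {"artifactLocation": {"uri": f["path"]},
                                            "region": {"startLine": f["line"]}}}],
    } for f in findings]
    return {"version": "2.1.0",
            "runs": [{"tool": {"driver": {"name": "example-scan"}}, "results": results}]}

def exit_code(findings, level):
    """strict fails on any finding (per the page); other levels only on critical (assumed)."""
    blocking = findings if level == "strict" else [f for f in findings if f["severity"] == "critical"]
    return 1 if blocking else 0

# Constructed sample input; the key is the placeholder value from AWS documentation.
SAMPLE = {"app/config.py": 'AWS_KEY = "AKIAIOSFODNN7EXAMPLE"\npassword = "hunter2"\n# TODO rotate\n'}

if __name__ == "__main__":
    found = scan(SAMPLE, "standard")
    print(json.dumps(to_sarif(found), indent=2))
```

The report records only the rule and location of each match, so the SARIF file uploaded to a CI system does not itself contain the secret.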

@include shared/universal-constants.yml#Standard_Messages_Templates