OpenSkillIndex← back to search
claude-codesecurity

Babysitter security-scanning

AgentShield security audit with 5 scanning categories, 102 static analysis rules, and optional red-team simulation.

install
source · Clone the upstream repo
git clone https://github.com/a5c-ai/babysitter
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/a5c-ai/babysitter "$T" && mkdir -p ~/.claude/skills && cp -r "$T/library/methodologies/everything-claude-code/skills/security-scanning" ~/.claude/skills/a5c-ai-babysitter-security-scanning && rm -rf "$T"
manifest: library/methodologies/everything-claude-code/skills/security-scanning/SKILL.md
tags
#security-audit#secret-detection#permission-check#code-scanning#vulnerability-assessment
source content

Security Scanning

Overview

AgentShield security audit methodology adapted from the Everything Claude Code project. Scans across 5 categories with 102 static analysis rules.

Scanning Categories

1. Secrets Detection (14 Pattern Categories)

  • AWS access keys (AKIA pattern)
  • GitHub tokens (ghp_, gho_, ghs_, ghr_)
  • Generic API keys and bearer tokens
  • Database connection strings with credentials
  • Private keys (RSA, EC, SSH)
  • JWT secrets and signing keys
  • OAuth client secrets
  • Slack tokens and webhooks
  • Cloud provider credentials (GCP, Azure)

2. Permission Auditing

  • File system read/write scope
  • Network calls and protocols
  • Process execution (child_process)
  • File permissions (777, world-writable)
  • CORS and CSP headers
  • Docker privilege escalation

3. Hook Injection Analysis

  • Git hooks for command injection
  • npm lifecycle scripts (preinstall, postinstall)
  • Claude Code hooks for unsafe patterns
  • eval()/Function()/dynamic code execution
  • Unvalidated user input in shell commands

4. MCP Risk Profiling

  • Tool permission inventory
  • Data exposure risk mapping
  • Transport security (stdio vs SSE vs HTTP)
  • Prompt injection via tool descriptions
  • Rate limiting verification

5. Agent Config Review

  • Model settings integrity
  • Prompt injection resistance
  • Tool allowlist scoping
  • Output validation and sanitization
  • Information leakage in error messages

Optional: Red Team Simulation

  • Attack simulation against found vulnerabilities
  • Exploitability rating: trivial, moderate, difficult, theoretical
  • Blue-team defense recommendations

When to Use

  • Pre-deployment security review
  • New dependency introduction
  • Hook or plugin configuration changes
  • Agent or MCP server setup

Agents Used

  • security-reviewer
    (primary consumer)