ghost-report

Solid

Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.

Category: Data & Documents | 386 stars | 26 forks | Updated 3 months ago | License: Apache-2.0

Quality Score: 86/100

Stars 20%: 86
Recency 20%: 50
Frontmatter 20%: 70
Documentation 15%: 100
Issue Health 10%: 50
License 10%: 100
Description 5%: 100

Skill Content

# Combined Security Report

You aggregate findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report. Do all work yourself — do not spawn subagents or delegate.

$ARGUMENTS

---

## Step 0: Setup

Run this Bash command to compute paths:

```bash
repo_name=$(basename "$(pwd)") &&
remote_url=$(git remote get-url origin 2>/dev/null || pwd) &&
short_hash=$(printf '%s' "$remote_url" | git hash-object --stdin | cut -c1-8) &&
repo_id="${repo_name}-${short_hash}" &&
short_sha=$(git rev-parse --short HEAD 2>/dev/null || date +%Y%m%d) &&
ghost_repo_dir="$HOME/.ghost/repos/${repo_id}" &&
scans_dir="${ghost_repo_dir}/scans/${short_sha}" &&
cache_dir="${ghost_repo_dir}/cache" &&
skill_dir=$(find . -path '*/skills/report/SKILL.md' 2>/dev/null | head -1 | xargs dirname) &&
echo "scans_dir=$scans_dir cache_dir=$cache_dir skill_dir=$skill_dir"
```

Store `scans_dir` (commit-level scan directory), `cache_dir`, and `skill_dir`.

---

## Cache Check

If `<scans_dir>/report.md` already exists, show:

```
Combined security report is at: <scans_dir>/report.md
```

And stop. Do not regenerate it.

---

## Step 1: Read Repo Context

Read `<cache_dir>/repo.md` if it exists. Extract:

- Business criticality
- Sensitive data types
- Component map

If it does not exist, continue without it — this is not an error.

---

## Step 2: Discover Scan Results

List the contents of `<scans_dir>` to see which scan-type directories exist. Recognized types:

- `deps/` — SCA / de...

Details

Author: ghostsecurity
Repository: ghostsecurity/skills
Created: 4 months ago
Last Updated: 3 months ago
Language: Shell
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

ghost-scan-deps (Data & Documents, Solid)

Ghost Security - Software Composition Analysis (SCA) scanner. Scans dependency lockfiles for known vulnerabilities, identifies CVEs, and generates findings with severity levels and remediation guidance. Use when the user asks about dependency vulnerabilities, vulnerable packages, CVE checks, security audits of dependencies, or wants to scan lockfiles like package-lock.json, yarn.lock, go.sum, or Gemfile.lock.

386 stars | Updated 3 months ago | ghostsecurity
ghost-scan-code (API & Backend, Solid)

Ghost Security - SAST code scanner. Finds security vulnerabilities in source code by planning and executing targeted scans for issues like SQL injection, XSS, BOLA, BFLA, SSRF, and other OWASP categories. Supports applications (backend, frontend, mobile) and libraries (prototype pollution, unsafe deserialization, ReDoS, path traversal, zip slip). Use when the user asks for a code security audit, SAST scan, vulnerability scan of source code, or wants to find security flaws in a codebase or library.

386 stars | Updated 3 months ago | ghostsecurity
ghost-scan-secrets (Data & Documents, Solid)

Ghost Security - Secrets and credentials scanner. Scans the codebase for leaked API keys, tokens, passwords, and sensitive data. Detects hardcoded secrets and generates findings with severity and remediation guidance. Use when the user asks to check for leaked secrets, scan for credentials, find hardcoded API keys or passwords, detect exposed .env values, or audit code for sensitive data exposure.

386 stars | Updated 3 months ago | ghostsecurity