security-detectionlisted

Detect infrastructure and security-critical file changes to trigger security agent review recommendations ensuring proper security oversight for sensitive modifications. Use when you ask "did I touch security-critical files", "should the security agent review this". Detection only. Do NOT use to scan source for injection patterns (use security-scan).
rjmurillo/ai-agents · ★ 34 · AI & Automation · score 79

Install: claude install-skill rjmurillo/ai-agents

# Security Detection Utility ## Triggers | Trigger Phrase | Operation | |----------------|-----------| | `scan for security changes` | detect-infrastructure with staged files | | `check security-critical files` | detect-infrastructure with file list | | `run security scan on changes` | detect-infrastructure analysis | | `do I need a security review` | Risk-level assessment of changed files | | `check infrastructure changes` | Pattern matching against critical/high lists | --- ## When to Use Use this skill when: - Committing changes that may touch infrastructure or security files - Pre-commit validation for security-sensitive paths - Determining if a security agent review is needed - CI pipeline security gate checks Use the security agent directly instead when: - You already know security review is needed - Performing threat modeling or vulnerability assessment - Reviewing authentication or authorization code in depth --- ## Available Scripts | Script | Language | Usage | |--------|----------|-------| | `detect_infrastructure.py` | Python 3 | Cross-platform | ## Usage ```bash # Analyze staged files python detect_infrastructure.py --git-staged # Analyze specific files python detect_infrastructure.py .github/workflows/ci.yml src/auth/login.cs ``` ## Output When security-critical files are detected: ```text === Security Review Detection === CRITICAL: Security agent review REQUIRED Matching files: [CRITICAL] .github/workflows/deploy.yml [HIGH] src/Controller