Claude Code Tools
← skills

claude-cybersecurity

github

AI-powered cybersecurity code review skill for Claude Code. 8 specialist agents, OWASP 2025, CWE Top 25, MITRE ATT&CK, 11 languages, zero configuration.

Stars
⭐ 129
License
MIT
Last Updated
2026-05-20
Source
github
View Repository →

claude-cybersecurity: AI-Powered Code Security Audit

MIT License Claude Code Skill 8 Specialist Agents CWE Top 25 Coverage OWASP 2021 14 Languages

The most comprehensive AI-powered cybersecurity code review skill for Claude Code. Spawns 8 parallel specialist agents to audit your codebase across vulnerability detection, authorization verification, secret scanning, supply chain analysis, IaC security, threat intelligence (malware/C2/backdoor detection), AI-generated code patterns, and business logic flaws.

Complements GitHub Advanced Security by detecting what static tools architecturally cannot: missing security controls, business logic flaws, attack-path chaining, and obfuscated secrets — with zero configuration.

Installation

git clone https://github.com/AgriciDaniel/claude-cybersecurity.git
cd claude-cybersecurity
bash install.sh

Plugin (Claude Code native)

claude plugin install cybersecurity

One-liner (convenience)

curl -fsSL https://raw.githubusercontent.com/AgriciDaniel/claude-cybersecurity/main/install.sh | bash

Demo

https://youtu.be/aE295lLPO5A

Quick Start

# Full security audit of current project
/cybersecurity

# Quick scan (entry points + auth + secrets + deps only)
/cybersecurity --scope quick

# Review only changed files (PR review mode)
/cybersecurity --scope diff

# Deep dive into one dimension
/cybersecurity --focus threat

# With compliance mapping
/cybersecurity --compliance pci

What It Does

8 Specialist Agents

Key Differentiators vs GitHub Advanced Security

CapabilityGHASThis Skill
Business logic flaw detectionNoYes
Authorization enforcement verificationBasicContext-aware
Race condition detectionVery limitedConcurrency pattern analysis
Languages supported1214 (pattern-based) + broader reasoning via LLM
IaC/Container/CI-CD scanningNoTerraform, Docker, K8s, Actions
AI-generated code securityNoSpecialized detection
Obfuscated secret detectionRegex onlySemantic context analysis
Threat intelligence (malware/C2)NoMITRE ATT&CK mapped
Framework-aware false-positive suppressionNo10 frameworks
Cost$49/committer/monthFree (with Claude Code)

Coverage

Coverage at a Glance

Scoring System

Scoring System

Architecture

GARE Architecture

File Structure

skills/cybersecurity/
├── SKILL.md                              (~990 lines — orchestrator)
├── references/
│   ├── vulnerability-taxonomy.md         (25 CWE categories)
│   ├── scoring-rubric.md                 (formula + confidence system)
│   ├── threat-intelligence.md            (MITRE ATT&CK patterns)
│   ├── compliance-matrix.md              (5 frameworks)
│   ├── false-positive-suppression.md     (10 frameworks)
│   ├── semgrep-patterns.md              (8 detection patterns)
│   ├── report-template.md               (output format + worked example)
│   ├── language-patterns/               (11 files)
│   └── iac-patterns/                    (4 files)

Total: 23 files, 5,350 lines of security knowledge.

Requirements

  • Claude Code (CLI, Desktop, or IDE extension)
  • No other dependencies — zero configuration, works immediately

Uninstall

curl -fsSL https://raw.githubusercontent.com/AgriciDaniel/claude-cybersecurity/main/uninstall.sh | bash

Or manually:

rm -rf ~/.claude/skills/cybersecurity

License

MIT - AgriciDaniel 2026