security-scan

Original：🇺🇸 English

Translated

Main security scanning orchestration. Detects language, runs OWASP Top 10 patterns, identifies vulnerabilities, generates structured reports. Use when scanning for XSS, SQL injection, command injection, secrets, or any security vulnerability.

1installs

Sourcefusengine/agents

Added on2026-03-01

NPX Install

npx skill4agent add fusengine/agents security-scan

SKILL.md Content

View Translation Comparison →

Security Scan Skill

Overview

Orchestrates the full security scanning workflow across all supported languages.

Supported Languages

Language	Marker Files	Pattern Count
JavaScript/TypeScript	package.json	25+
PHP	composer.json	20+
Python	requirements.txt, pyproject.toml	18+
Swift/iOS	Package.swift, *.xcodeproj	15+
Go	go.mod	12+
Rust	Cargo.toml	10+

Workflow

Detect language from project markers
Load patterns from
```
references/scan-patterns.md
```
Run
```
scripts/security-scan.sh
```
for automated scanning
Map findings to OWASP categories via
```
references/owasp-top10.md
```
Generate report using
```
references/templates/scan-report.md
```

Integration

After scanning, delegate fixes to sniper:

Task(subagent_type: "fuse-ai-pilot:sniper")
Prompt: "Security fixes: [FILE:LINE] [VULN] [FIX]"

References

OWASP Top 10 Mapping
Scan Patterns by Language
Report Template