/* LEEWAY HEADER — DO NOT REMOVE

REGION: DEV.ANALYSIS TAG: DEV.ANALYSIS.SECURITY_VULNERABILITY_SCANNING

COLOR_ONION_HEX: NEON=#FF1493 FLUO=#FF69B4 PASTEL=#E8F5E9

ICON_ASCII: family=lucide glyph=zap

5WH: WHAT = security vulnerability scanning skill for Leeway-compliant AI systems WHY = Provides capabilities for code-analysis within the AIskills ecosystem WHO = Leeway Industries (By Leonard Jerome Lee) WHERE = skills/code-analysis/security-vulnerability-scanning/SKILL.md WHEN = 2026 HOW = Leeway-governed skill.md definition with structured capabilities and tags

AGENTS: ASSESS AUDIT

ASSIGNED_SACRED_AGENTS: L6_Execution: SyntaxForge.ts

LICENSE: MIT */

SOVEREIGN ALIGNMENT: This skill is strictly executed by L6_Execution: SyntaxForge.ts. No unassigned Clones may natively execute this without Hive Mind routing.

Security Vulnerability Scanning

Expert in: Identifying security vulnerabilities through automated scanning, analysis, and remediation.

Capabilities

• Implement SAST (Static Application Security Testing)
• Deploy DAST (Dynamic Application Security Testing)
• Manage dependency scanning and CVE tracking
• Implement container image scanning
• Create secret detection systems
• Analyze infrastructure misconfigurations
• Build security scorecard systems
• Implement automated remediation workflows

Use this skill when:

• Finding security vulnerabilities automatically
• Scanning dependencies for CVEs
• Compliance and audit requirements
• Pre-deployment security checking
• Infrastructure security verification
• Container security
• Secret management
• Continuous security monitoring

Key techniques

• Semgrep for static analysis
• OWASP ZAP for dynamic testing
• Snyk, Dependabot for dependency scanning
• Trivy for container scanning
• SonarQube for code quality and security
• GitGuardian for secret detection
• Terraform security scanning
• Supply chain security (SBOM, provenance)

Tags

security vulnerability scanning sast dast compliance