Security Sentinel
Alert level: High
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Locality:Local
Data access:Sensitive
Actions:Execute
Installs 3Downloads 955Stars 0Updated 204h ago
Why this rating
Deterministic checks triggered by the tool capabilities and evidence.
- Locality: Local
Runs a local scan script (`node skills/security-sentinel/scan.js`) against workspace files.
- Data access: Sensitive
Searches text files for exposed API keys and reviews file permissions, which may reveal secrets.
- Action surface: Execute
Runs a local Node.js scan script to inspect files and permissions, then reports findings.
Best practices
Follow these steps to reduce risk when using this skill.
- Rotate or revoke any credentials found in scan results immediately and audit for unintended commits.
- Add secret scanning to CI/pre-commit hooks so leaks are caught before pushing.
- Treat scan output as sensitive and avoid pasting full findings into public issues or chats.
Evidence links
Public sources backing the indicator assignments.
Always be careful when navigating away from the website.
Max-risk rule
If any capability reaches a higher level, the entire indicator level bumps up to keep ratings deterministic and easy to scan.