ghost-scan-code
Ghost Security - SAST code scanner. Finds security vulnerabilities in source code by planning and executing targeted scans for issues like SQL injection, XSS, BOLA, BFLA, SSRF, and other OWASP categories. Supports applications (backend, frontend, mobile) and libraries (prototype pollution, unsafe deserialization, ReDoS, path traversal, zip slip). Use when the user asks for a code security audit, SAST scan, vulnerability scan of source code, or wants to find security flaws in a codebase or library.
Packaged view
This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.
Install command
npx @skill-hub/cli install ghostsecurity-skills-scan-code
Repository
Skill path: plugins/ghost/skills/scan-code
Best for
Primary workflow: Research & Ops.
Technical facets: Full Stack, Frontend, Backend, Mobile, Security.
Target audience: Development teams looking for install-ready agent workflows.
License: Unknown.
Original source
Catalog source: SkillHub Club.
Repository owner: ghostsecurity.
This is still a mirrored public skill entry. Review the repository before installing into production workflows.
What it helps with
- Install ghost-scan-code into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
- Review https://github.com/ghostsecurity/skills before adding ghost-scan-code to shared team environments
- Use ghost-scan-code for development workflows
Works across
Favorites: 0.
Sub-skills: 0.
Aggregator: No.