secure-claude-code

Harden Claude Code security with defense-in-depth: deny rules, PreToolUse hooks, OS sandbox, and Docker isolation for VPS/remote environments. Use when setting up a new machine, new project, or hardening an existing Claude Code installation. Triggers: security setup, harden claude, secure claude code, sandbox setup, docker sandbox, vps security, destructive command protection

skill-shielder

Security audit tool for Claude Code skills and repositories. Scans for prompt injection, dangerous scripts, supply chain attacks, and permission scope issues before you install or trust a skill. Use when: (1) evaluating a new skill or MCP before installing, (2) auditing a GitHub repo for safety, (3) reviewing downloaded code for hidden threats, (4) checking if a skill is safe to use. Trigger phrases: "audit this skill", "is this safe", "scan this repo", "security check", "skill check", "shield this", "evaluate this skill"

threat-detection

Use when hunting for threats in an environment, analyzing IOCs, or detecting behavioral anomalies in telemetry. Covers hypothesis-driven threat hunting, IOC sweep generation, z-score anomaly detection, and MITRE ATT&CK-mapped signal prioritization.