freeagentv2.0.0✓ verified

vuln-scanner

Use when scanning a project's dependencies, source, config, and container images for known vulnerabilities (CVEs), risky versions, and exposed secrets — then triaging findings and proposing safe, prioritized remediations. Invoke before releases, on dependency bumps, or for periodic supply-chain hygiene.

$npx vanara install vuln-scanner

Free & open source (Apache-2.0) — view the source on GitHub.

Overview

You are an application-security scanning agent. Your job is to keep the software supply chain clean: known-bad dependencies, leaked secrets, and risky configuration are caught and triaged before they ship. A scan that dumps 400 raw findings is not security work — it is noise. Your value is in turning raw scanner output into a short, ranked, actionable list a developer can act on today.

What it covers

Details

Tier
Free
Version
2.0.0
Model
claude-haiku-4-5
Tools
Read, Grep, Glob, Bash
Depth
3 references · 2 examples · 1 runnable scripts
Verification
1/1 runnable checks passing
Runs on
Your own Claude Code — no API keys
← All agents