freepackv2.0.0
security-pack
Build and ship secure software — threat modeling at design time, OWASP code audits, dependency/secret scanning, and secure auth and secrets handling, sequenced into one shift-left workflow.
$npx vanara install security-pack
Free & open source (Apache-2.0) — view the source on GitHub.
Overview
Security is cheapest when it moves left — designed in at the whiteboard, enforced while the code is written, verified before merge, and monitored in the supply chain. This pack bundles three agents and three skills that cover that whole arc and, more importantly, teaches which one to reach for at each stage of a feature's life.
What’s inside
One install of security-pack deploys every member below.
Agents: threat-modeler, security-auditor, vuln-scanner
Skills: owasp-top10, secure-auth, secrets-management
What it covers
- From threat model to remediation: the discipline playbook
- The five-stage security workflow