security-sweep
Security scanner covering OWASP Top 10 (2025), Mobile Top 10, and LLM Top 10 for secrets, injection, and AI flaws.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for security-sweep, derived from its capabilities.
AIVSS 8.8 · High
Overview
security-sweep is a Claude Code plugin that runs a comprehensive scan across OWASP Top 10 (2025), Mobile Top 10 (2024), and LLM Top 10 (2025). It flags hardcoded secrets, injection flaws, auth issues, misconfigurations, and AI-specific vulnerabilities, making it a security-first plugin.
Key features
- OWASP + Mobile + LLM Top 10 coverage
- Secret and injection detection
- AI-specific vulnerability checks
Use cases
- Scan a codebase for OWASP/LLM vulnerabilities
- Detect hardcoded secrets before commit