feat(security): add threat intelligence DB, security commands, and cheatsheet audit fixes (v3.26.0)

- Add threat-db.yaml v2.0.0 with 63 malicious skills, 22 CVEs, 4 campaigns
- Add /security-check, /security-audit, /update-threat-db slash commands
- Add Snyk ToxicSkills evaluation (58th resource evaluation)
- Fix cheatsheet: add Alt+T to keyboard shortcuts table, add /fast and /debug commands
- Update Features Meconnues table with Agent Teams and Auto-Memories
- Clean up cheatsheet.md.bak
- Bump version to 3.26.0

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Florian BRUNIAUX 2026-02-11 16:12:36 +01:00
parent 1b04bdbcf5
commit 971a297db3
14 changed files with 1209 additions and 46 deletions


@ -0,0 +1,243 @@
# Security Audit
Comprehensive security audit of your project AND Claude Code configuration. Analyzes secrets exposure, injection surfaces, dependencies, hook security, and produces a scored security posture assessment.
**Time**: 2-5 minutes | **Scope**: Full project + Claude Code config
> For a quick config-only check, use `/security-check` instead.
## Instructions
You are a senior application security engineer. Perform a 6-phase security audit and produce a scored report with prioritized remediation plan.
---
### Phase 1: Configuration Security (via /security-check)
Execute all checks from `/security-check` (the `examples/commands/security-check.md` command). This covers:
- MCP server audit against CVE database
- Skills & agents against known malicious entries
- Hook exfiltration patterns
- Memory poisoning detection
- Permissions & settings review
- Exposed secrets in Claude Code config
Record findings — they contribute to the final score.
---
### Phase 2: Project Secrets Scan
Scan the entire project for exposed secrets and credentials:
```bash
# API keys and tokens
grep -rn --include="*.{js,ts,py,go,java,rb,php,yaml,yml,json,toml,env,cfg,ini,conf}" \
-E '(?i)(api[_-]?key|apikey|secret|password|passwd|token|bearer|auth)\s*[=:]\s*["'\''"][^"'\'']{8,}["'\''"]\s' \
--exclude-dir={node_modules,vendor,.git,dist,build,target,__pycache__,.venv} . 2>/dev/null | head -30
# Known provider key patterns
grep -rn -E 'sk-[a-zA-Z0-9]{20,}|sk-ant-[a-zA-Z0-9]{20,}|ghp_[a-zA-Z0-9]{36}|AKIA[A-Z0-9]{16}|xox[bps]-[a-zA-Z0-9\-]{20,}' \
--exclude-dir={node_modules,vendor,.git,dist,build,target} . 2>/dev/null | head -20
# Private keys
grep -rn 'BEGIN.*PRIVATE KEY' --exclude-dir={node_modules,vendor,.git} . 2>/dev/null
# .env files that might be committed
find . -name ".env*" -not -path "*/node_modules/*" -not -path "*/.git/*" -type f 2>/dev/null
# Check .gitignore coverage
[ -f ".gitignore" ] && {
grep -q "\.env" .gitignore && echo "✅ .env in .gitignore" || echo "⚠️ .env NOT in .gitignore"
grep -q "\.pem" .gitignore && echo "✅ .pem in .gitignore" || echo "⚠️ .pem NOT in .gitignore"
grep -q "\.key" .gitignore && echo "✅ .key in .gitignore" || echo "⚠️ .key NOT in .gitignore"
}
```
**Scoring:**
- 0 secrets found → +20 points
- 1-3 secrets → +10 points
- 4+ secrets → 0 points
- Private key committed → -10 points
---
### Phase 3: Prompt Injection Surface
Analyze markdown and config files for injection vectors:
```bash
# Zero-width characters (invisible instructions)
grep -rPn '[\x{200B}-\x{200D}\x{FEFF}]' --include="*.md" --include="*.yaml" --include="*.json" . 2>/dev/null
# Hidden HTML comments with instructions
grep -rn '<!--' --include="*.md" . 2>/dev/null | grep -i 'ignore\|system\|admin\|instruction\|override\|forget'
# Base64 in comments (potential hidden payloads)
grep -rn -E '[#;].*[A-Za-z0-9+/]{20,}={0,2}' --include="*.py" --include="*.js" --include="*.ts" --include="*.md" \
--exclude-dir={node_modules,vendor,.git} . 2>/dev/null | head -10
# ANSI escape sequences
grep -rPn '\x1b\[|\x1b\]|\x1b\(' --exclude-dir={node_modules,vendor,.git} . 2>/dev/null | head -10
# Null bytes
grep -rPn '\x00' --exclude-dir={node_modules,vendor,.git,dist} . 2>/dev/null | head -5
# Nested command execution in markdown/config
grep -rn -E '\$\([^)]+\)|`[^`]+`' --include="*.md" --include="*.yaml" --include="*.json" \
--exclude-dir={node_modules,vendor,.git} . 2>/dev/null | head -10
```
**Scoring:**
- 0 injection vectors → +15 points
- 1-2 vectors (likely false positives) → +10 points
- 3+ vectors → +5 points
- Confirmed injection in CLAUDE.md → 0 points
---
### Phase 4: Dependency Audit
Run the appropriate package audit for the project:
```bash
# Node.js
[ -f "package-lock.json" ] && npm audit --json 2>/dev/null | jq '{total: .metadata.vulnerabilities.total, critical: .metadata.vulnerabilities.critical, high: .metadata.vulnerabilities.high}' 2>/dev/null
# Python
[ -f "requirements.txt" ] && pip-audit -r requirements.txt 2>/dev/null || [ -f "pyproject.toml" ] && pip-audit 2>/dev/null
# Rust
[ -f "Cargo.toml" ] && cargo audit 2>/dev/null
# Go
[ -f "go.mod" ] && govulncheck ./... 2>/dev/null
```
If no package manager detected, note it and skip (no penalty).
**Scoring:**
- 0 vulnerabilities → +20 points
- 0 critical + 0 high → +15 points
- 1-3 high → +10 points
- Any critical → +5 points
- 10+ high or 3+ critical → 0 points
---
### Phase 5: Hook Security Assessment
Verify security hooks from `guide/security-hardening.md` are properly installed:
```bash
# Check for recommended security hooks
echo "=== Checking security hooks ==="
# PreToolUse hooks (should block dangerous patterns)
ls .claude/hooks/PreToolUse* 2>/dev/null || echo "⚠️ No PreToolUse hooks found"
# PostToolUse hooks (should monitor output)
ls .claude/hooks/PostToolUse* 2>/dev/null || echo "⚠️ No PostToolUse hooks found"
# Check if prompt injection detector exists
find . -path "*/hooks/*injection*" -o -path "*/hooks/*security*" -o -path "*/hooks/*scanner*" 2>/dev/null
# Check settings for hook configuration
grep -c "hooks" .claude/settings.json 2>/dev/null || echo "No hooks in settings.json"
```
**Scoring:**
- PreToolUse security hooks installed → +10 points
- PostToolUse output scanner installed → +5 points
- Prompt injection detector hook → +5 points
- No hooks at all → 0 points
---
### Phase 6: Posture Score & Report
Calculate total score and generate report.
**Scoring Breakdown:**
| Category | Max Points | Source |
|----------|-----------|--------|
| Config Security (Phase 1) | 30 | /security-check results |
| Secrets Scan (Phase 2) | 20 | Secrets found in project |
| Injection Surface (Phase 3) | 15 | Injection vectors found |
| Dependencies (Phase 4) | 20 | Vulnerability audit |
| Hook Security (Phase 5) | 15 | Security hooks installed |
| **Total** | **100** | |
**Phase 1 scoring detail:**
- 0 CRITICAL findings → +15 points
- 0 HIGH findings → +10 points
- 0 MEDIUM findings → +5 points
- Any CRITICAL → 0 for that sub-score
**Grade Scale:**
| Score | Grade | Meaning |
|-------|-------|---------|
| 90-100 | A | Excellent — production-ready security posture |
| 75-89 | B | Good — minor improvements recommended |
| 60-74 | C | Acceptable — address HIGH issues before production |
| 40-59 | D | Poor — significant security gaps |
| 0-39 | F | Critical — do not deploy, address CRITICAL issues immediately |
## Output Format
```
## 🛡️ Security Audit Report
**Date**: [timestamp]
**Project**: [directory name]
**Scope**: Full project + Claude Code configuration
### Security Posture Score: [XX]/100 (Grade [X])
[1-sentence assessment]
### Phase Results
| Phase | Score | Max | Key Finding |
|-------|-------|-----|-------------|
| 1. Config Security | XX | 30 | [summary] |
| 2. Secrets Scan | XX | 20 | [summary] |
| 3. Injection Surface | XX | 15 | [summary] |
| 4. Dependencies | XX | 20 | [summary] |
| 5. Hook Security | XX | 15 | [summary] |
| **Total** | **XX** | **100** | |
### 🔴 Critical Findings
[Each finding with location, description, and exact fix]
### 🟠 High Findings
[Each finding with location, description, and fix]
### 🟡 Medium Findings
[Each finding with location, description, and fix]
### 🔧 Remediation Plan (Priority Order)
| # | Action | Severity | Effort | Command/Steps |
|---|--------|----------|--------|---------------|
| 1 | [action] | CRITICAL | [time] | [how] |
| 2 | [action] | HIGH | [time] | [how] |
| ... | | | | |
### 📊 Benchmark
Your score vs security-hardening.md recommendations:
- [X] items from the guide are implemented
- [X] items are missing
- Top 3 missing items to implement next: [...]
### 📚 References
- Security hardening guide: guide/security-hardening.md
- Threat database: examples/commands/resources/threat-db.yaml
- Quick check: `/security-check`
- MCP scan tool: `npx mcp-scan` (Snyk)
```
$ARGUMENTS
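Review bot: the Phase 2 API-key grep will return nothing as written, because `--include="*.{js,ts,py,...}"` is inside double quotes, so the shell does not brace-expand it and grep receives the braces as a literal glob that matches no filename; use one `--include='*.ext'` per extension (or leave the brace list unquoted), and drop `(?i)` from the same pattern, since `grep -E` is POSIX ERE and rejects inline flags (use `-i` instead): `grep -rniE --include='*.js' --include='*.py' ...`. Two smaller points: the Phase 5 scoring items add up to 20 (10 + 5 + 5) while the breakdown table caps Hook Security at 15, so either the table or the per-item points need adjusting for the total to reach 100; and in Phase 4 the line `[ -f "requirements.txt" ] && pip-audit -r requirements.txt 2>/dev/null || [ -f "pyproject.toml" ] && pip-audit 2>/dev/null` falls through to the `pyproject.toml` branch whenever `pip-audit` exits non-zero, which it does precisely when it finds vulnerabilities, so the project gets audited twice; an `if/elif` block avoids that.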


@ -0,0 +1,172 @@
# Security Check
Quick configuration security check against known threats database. Verifies your Claude Code setup for known malicious skills, vulnerable MCPs, dangerous patterns, and exposed secrets.
**Time**: ~30 seconds | **Scope**: Claude Code configuration only
## Instructions
You are a security analyst. Check the user's Claude Code configuration against the threat intelligence database bundled at `examples/commands/resources/threat-db.yaml`. Produce a concise, actionable report.
### Phase 1: Load Threat Database
Read `examples/commands/resources/threat-db.yaml` from this repository to load:
- Known malicious authors and skills
- CVE database for MCP servers
- Suspicious patterns for hooks, agents, and config
### Phase 2: MCP Server Audit
Read the user's MCP configuration:
```bash
# Global MCP config
cat ~/.claude/mcp.json 2>/dev/null
# Project MCP config
cat .claude/mcp.json 2>/dev/null
```
**Check against threat-db.yaml:**
- [ ] Any MCP server matching a CVE entry? → CRITICAL
- [ ] Version pinning: are all MCP servers pinned to exact versions (not `@latest`)? → HIGH if unpinned
- [ ] Any `--dangerous-*` flags in MCP args? → CRITICAL
- [ ] Any MCP servers not on the Safe List (see `guide/security-hardening.md` §1.1)? → MEDIUM (flag for manual review)
### Phase 3: Skills & Agents Audit
```bash
# List installed skills
ls -la .claude/skills/ 2>/dev/null
ls -la ~/.claude/skills/ 2>/dev/null
# List agents
ls -la .claude/agents/ 2>/dev/null
ls -la ~/.claude/agents/ 2>/dev/null
# Check agent allowed-tools
grep -r "allowed-tools" .claude/agents/ 2>/dev/null
grep -r "allowed-tools" ~/.claude/agents/ 2>/dev/null
```
**Check against threat-db.yaml:**
- [ ] Any skill/agent name matching `malicious_skills` entries? → CRITICAL
- [ ] Any skill/agent author matching `malicious_authors` entries? → CRITICAL
- [ ] Any agent with `allowed-tools: ["Bash"]` only? → HIGH
- [ ] Any agent with overly broad tool access + vague description? → MEDIUM
### Phase 4: Hook Security
```bash
# List all hooks
find .claude/hooks/ -type f 2>/dev/null
find ~/.claude/hooks/ -type f 2>/dev/null
# Scan hooks for suspicious patterns
grep -rn "curl\|wget\|nc \|ncat\|netcat\|base64\|eval\|exec\|/dev/tcp\|/dev/udp" .claude/hooks/ 2>/dev/null
grep -rn "curl\|wget\|nc \|ncat\|netcat\|base64\|eval\|exec\|/dev/tcp\|/dev/udp" ~/.claude/hooks/ 2>/dev/null
# Check for credential access in hooks
grep -rn "ssh\|id_rsa\|id_ed25519\|\.env\|credentials\|secret\|password\|token\|api.key" .claude/hooks/ 2>/dev/null
grep -rn "ssh\|id_rsa\|id_ed25519\|\.env\|credentials\|secret\|password\|token\|api.key" ~/.claude/hooks/ 2>/dev/null
```
**Check against threat-db.yaml `suspicious_patterns.hooks`:**
- [ ] Network calls (`curl`, `wget`) → HIGH
- [ ] Reverse shell indicators (`nc`, `/dev/tcp`) → CRITICAL
- [ ] Credential access (`ssh`, `.env`, `password`) → CRITICAL
- [ ] Base64 encoding → MEDIUM (review context)
### Phase 5: Memory Poisoning Check
```bash
# Check for suspicious instructions in memory/config files
grep -in "ignore\|forget\|override\|disregard\|you are now\|new role\|system prompt" \
CLAUDE.md .claude/CLAUDE.md SOUL.md .claude/SOUL.md MEMORY.md .claude/MEMORY.md \
~/.claude/CLAUDE.md ~/.claude/MEMORY.md 2>/dev/null
```
- [ ] Prompt injection patterns in CLAUDE.md / SOUL.md / MEMORY.md? → HIGH
- [ ] Instructions to disable security, skip reviews, or grant broad permissions? → CRITICAL
### Phase 6: Permissions & Settings
```bash
# Check settings
cat .claude/settings.json 2>/dev/null
cat ~/.claude/settings.json 2>/dev/null
```
- [ ] `permissions.deny` exists and covers `.env*`, `*.pem`, `*.key`, secrets? → MEDIUM if missing
- [ ] No wildcard `permissions.allow` for Bash or Write? → HIGH if present
- [ ] No `dangerouslySkipPermissions` or similar flags? → CRITICAL if present
### Phase 7: Exposed Secrets in Config
```bash
# Check for secrets in .claude/ directory
grep -rn "sk-[a-zA-Z0-9]\{20,\}\|sk-ant-[a-zA-Z0-9]\{20,\}\|ghp_[a-zA-Z0-9]\{36\}\|AKIA[A-Z0-9]\{16\}" \
.claude/ ~/.claude/ 2>/dev/null
# Check for private keys
grep -rn "BEGIN.*PRIVATE KEY" .claude/ ~/.claude/ 2>/dev/null
```
- [ ] API keys or tokens in config files? → CRITICAL
- [ ] Private keys in config? → CRITICAL
## Output Format
```
## 🛡️ Security Check Report
**Date**: [timestamp]
**Scope**: Claude Code configuration
### Results Summary
| Severity | Count | Status |
|----------|-------|--------|
| 🔴 CRITICAL | X | [PASS/FAIL] |
| 🟠 HIGH | X | [PASS/FAIL] |
| 🟡 MEDIUM | X | [PASS/FAIL] |
| 🟢 LOW | X | [PASS/FAIL] |
### 🔴 Critical Issues
[List each critical finding with location and fix]
### 🟠 High Issues
[List each high finding with location and fix]
### 🟡 Medium Issues
[List each medium finding with location and fix]
### ✅ Passed Checks
[List what passed — important for confidence]
### 🔧 Recommended Actions (Priority Order)
1. [Most urgent fix with exact command]
2. [Second priority]
3. [...]
### 📚 References
- Full security guide: guide/security-hardening.md
- Threat database: examples/commands/resources/threat-db.yaml
- MCP scan: `npx mcp-scan` (Snyk)
```
If ALL checks pass, output:
```
## 🛡️ Security Check Report — ALL CLEAR ✅
**Date**: [timestamp]
No known threats detected in your Claude Code configuration.
**Recommendations for continued security:**
- Re-run `/security-check` after installing new skills or MCP servers
- Run `/security-audit` for a comprehensive project + config audit
- Keep Claude Code updated (current security fixes in v2.1.34+)
```
$ARGUMENTS
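Review bot: the Phase 4 hook greps have no word boundaries, so `exec` matches `execute`, `nc ` matches `sync ` and `rsync `, and `token`, `secret` and `password` match any comment that merely mentions them; since these lines feed CRITICAL and HIGH ratings in the checklist that follows, add `-w` (or `\b` anchors) to the patterns and keep the broad terms (`base64`, `exec`, `token`) in the "review context" MEDIUM bucket rather than auto-rating them. The same applies to the Phase 5 memory scan: `ignore` and `override` occur in ordinary project notes (`.gitignore`, method overriding), so a match should become HIGH only after the surrounding sentence has been read, which the checklist item `Prompt injection patterns in CLAUDE.md / SOUL.md / MEMORY.md? → HIGH` does not currently say.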


@ -0,0 +1,164 @@
# Update Threat Database
Research and update the AI agent security threat intelligence database with the latest threats, CVEs, malicious skills, and campaigns.
**Time**: 3-8 minutes | **Scope**: `examples/commands/resources/threat-db.yaml`
> Requires Perplexity MCP (or manual web search). Run monthly or after major security advisories.
## Instructions
You are a threat intelligence analyst specializing in AI coding agent security. Research the latest threats and update the threat database.
---
### Phase 1: Current State Assessment
Read the current threat database:
```
Read examples/commands/resources/threat-db.yaml
```
Note:
- Current `version` and `updated` date
- Number of malicious authors, skills, CVEs, campaigns
- Most recent entries to avoid duplicates
---
### Phase 2: Research New Threats
Run **4 targeted Perplexity searches** (parallel when possible):
**Search 1: New malicious skills & campaigns**
```
Query: "malicious AI agent skills ClawHub OpenClaw skills.sh 2026 new campaigns malware supply chain"
Focus: New malicious skill names, authors, campaigns not already in threat-db.yaml
```
**Search 2: New MCP server CVEs**
```
Query: "MCP server CVE vulnerability 2025 2026 model context protocol security advisory"
Focus: New CVEs for MCP servers, SDK vulnerabilities, transport-level flaws
```
**Search 3: New attack techniques**
```
Query: "AI coding agent attack prompt injection Claude Code Cursor supply chain security research 2026"
Focus: New attack vectors, techniques, research papers
```
**Search 4: New defensive tools & blocklists**
```
Query: "MCP security scanner tool mcp-scan alternative AI agent skills security scanning 2026"
Focus: New scanning tools, blocklists, defensive frameworks
```
If Perplexity MCP is unavailable, use WebSearch for each query.
---
### Phase 3: Analyze & Deduplicate
For each finding from Phase 2:
1. **Check if already in threat-db.yaml** — skip duplicates
2. **Verify source credibility** — prefer: CVE databases, security vendor blogs, peer-reviewed research
3. **Categorize** — which section does it belong to?
- `malicious_authors` — new confirmed malicious publishers
- `malicious_skills` — new confirmed malicious skill/package names
- `malicious_skill_patterns` — new prefix patterns for wildcard matching
- `cve_database` — new CVEs with component, severity, fixed_in
- `minimum_safe_versions` — update if new patches available
- `iocs` — new C2 IPs, exfil URLs, malware hashes
- `campaigns` — new coordinated campaigns
- `attack_techniques` — new documented attack vectors
- `scanning_tools` — new tools or major updates
- `defensive_resources` — new frameworks, blocklists
4. **Assess risk level**:
- `critical` — confirmed malicious, active exploitation
- `high` — confirmed vulnerable, exploit available
- `medium` — theoretical risk, no known exploitation
- `low` — informational
---
### Phase 4: Update threat-db.yaml
Apply changes following these rules:
1. **Bump version** — increment minor (e.g. 2.0.0 → 2.1.0) for new entries, major for schema changes
2. **Update `updated` date** — set to today
3. **Add new sources** — add any new research sources to the `sources` list
4. **Maintain YAML validity** — use single quotes for patterns containing backslashes
5. **Preserve existing entries** — never remove entries unless confirmed false positive
6. **Follow existing format** — match the structure of existing entries exactly
**Important**: After editing, validate YAML:
```bash
python3 -c "import yaml; yaml.safe_load(open('examples/commands/resources/threat-db.yaml')); print('YAML valid')"
```
---
### Phase 5: Update Dependent Files (if needed)
Check if new CVEs should also be added to the security hardening guide:
```bash
# Count current CVEs in threat-db vs security-hardening
grep -c "id:" examples/commands/resources/threat-db.yaml
grep -c "CVE-" guide/security-hardening.md
```
If major new CVEs found (severity critical/high):
- Consider adding to `guide/security-hardening.md` CVE table
- Update `minimum_safe_versions` if new patches released
---
### Phase 6: Summary Report
## Output Format
```
## Threat Database Update Report
**Date**: [timestamp]
**Previous version**: [old version]
**New version**: [new version]
### Changes Summary
| Category | Added | Updated | Total |
|----------|-------|---------|-------|
| Malicious authors | +X | ~X | XX |
| Malicious skills | +X | ~X | XX |
| CVEs | +X | ~X | XX |
| Campaigns | +X | ~X | XX |
| IOCs | +X | ~X | XX |
| Attack techniques | +X | ~X | XX |
| Scanning tools | +X | ~X | XX |
### New Entries
[List each new entry with source and risk level]
### Notable Findings
[Highlight anything particularly important or urgent]
### No Changes Needed
[If nothing new found, explain what was searched and confirmed up-to-date]
### Next Steps
- [ ] Run `/security-check` to test against updated database
- [ ] Update `guide/security-hardening.md` if new critical CVEs
- [ ] Commit: `docs(security): update threat-db vX.Y.Z — [summary]`
```
$ARGUMENTS
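Review bot: the Phase 5 comparison is apples to oranges: `grep -c "id:" examples/commands/resources/threat-db.yaml` counts every line containing `id:` (any key ending in `id`, plus any description text that happens to contain it), not CVE entries, so it cannot be compared with `grep -c "CVE-" guide/security-hardening.md`; grep for the identifier itself in both files, e.g. `grep -cE 'CVE-[0-9]{4}-[0-9]+'`. Also, the Phase 4 validation command `python3 -c "import yaml; ..."` depends on PyYAML, which is not in the Python standard library; state that requirement next to the command (or check the import separately) so that a missing module is reported as "validator unavailable" rather than mistaken for an invalid YAML file.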