explaingit

akshayramabhat/claude-security-kit

Analysis updated 2026-05-18

0PLpgSQLAudience · developerComplexity · 2/5License

TLDR

A Claude Code plugin that runs multiple open-source security scanners in one command and produces an honest, prioritized report.

Mindmap

mindmap
  root((claude-security-kit))
    What it does
      Runs multiple scanners at once
      Triages results into a report
      Flags coverage gaps honestly
    Tech stack
      Claude Code plugin
      Postgres
      Supabase
      Open source scanners
    Use cases
      Pre-launch security scan
      Secrets and CVE detection
      RLS policy auditing
    Audience
      Developers
      Vibe coders
      Security reviewers

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Run a single command to scan a vibe-coded app for secrets, vulnerable dependencies, and misconfigurations before launch.

USE CASE 2

Get an honest security report that flags coverage gaps instead of a false all-clear.

USE CASE 3

Audit Postgres or Supabase database migrations for missing Row Level Security rules.

USE CASE 4

Use pre-built RLS policy templates to lock down a Supabase data API.

What is it built with?

PLpgSQLClaude CodePostgresSupabase

How does it compare?

akshayramabhat/claude-security-kitsaiprajoth/timescaledb-labintelligent-internet/psql_bm25s
Stars01127
LanguagePLpgSQLPLpgSQLPLpgSQL
Setup difficultymoderatemoderate
Complexity2/53/54/5
Audiencedeveloperdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

This project is a security toolkit built as a plugin for Claude Code, the AI coding assistant. Its main feature is a single command, security-scan, that runs a whole set of well known open source security scanners over your codebase at once, then combines their results into one prioritized, easy to read report instead of a wall of raw scanner output. It is aimed at people who built an app quickly, sometimes with the help of AI tools, and want to check it for problems before putting it in front of real users. The scan covers five areas: secrets accidentally left in code, code level security bugs, known vulnerabilities in your dependencies, misconfigurations in containers and infrastructure files, and packages that might be malicious or impersonating a real one. On its first run, the tool checks which of the underlying scanners are already installed on your machine and offers to install the missing ones using whatever package manager you already have, but only after you confirm, and it shows you exactly what commands it would run first. A notable design choice is honesty about coverage. If some scanners were not installed and got skipped, the generated report says so clearly and does not claim the repository is clean. It lists what ran, what did not, and what remains unchecked, so you are not given a false sense of security. Beyond the general scanner, the kit includes a separate feature for reviewing Postgres and Supabase database security, specifically Row Level Security rules that control who can see or change which rows of data. It includes an automated reviewer agent that checks database migration files for missing or broken security rules, along with copyable rule templates and a guide explaining common ways this kind of protection quietly fails. The project itself is released under the MIT license, though the individual scanners it wraps keep their own separate licenses.

Copy-paste prompts

Prompt 1
Add the claude-security-kit plugin to my project and run /security-scan to check it before I ship.
Prompt 2
Explain what the security-scan-report.md from claude-security-kit means and which findings I should fix first.
Prompt 3
Help me use the rls-policy-reviewer agent from claude-security-kit to check my Supabase migrations for missing Row Level Security.
Prompt 4
Walk me through installing the missing scanners that claude-security-kit detected on my machine.

Frequently asked questions

What is claude-security-kit?

A Claude Code plugin that runs multiple open-source security scanners in one command and produces an honest, prioritized report.

What language is claude-security-kit written in?

Mainly PLpgSQL. The stack also includes PLpgSQL, Claude Code, Postgres.

What license does claude-security-kit use?

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

Who is claude-security-kit for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.