Python Security Analysis & Remediation

Detect and fix security vulnerabilities in Python code, including SQL injection, hardcoded secrets, and weak cryptography using Bandit and Ruff.

triggers:python securityscan vulnerabilitiesfix sql injectionremove hardcoded secretssecurity audit

GitHub SKILL.md

What it does

This skill provides a comprehensive framework for identifying and remediating security vulnerabilities within Python codebases. It focuses on high-impact risks such as SQL injection, credential leaks, and cryptographic weaknesses, aligning with OWASP security principles.

When to use it

Use this skill during security audits, pre-deployment checks, or when refactoring legacy Python code to ensure it meets modern security standards. It is particularly useful when you need to systematically scan for common vulnerabilities (CWEs).

What's included

Instructions: Step-by-step guide on using AST-based scanners like bandit and ruff to find security flaws.
Remediation Patterns: Concrete 'Before' and 'After' code examples for fixing SQL injection, removing hardcoded secrets, and implementing secure random number generation.
Verification Checklist: A quality gate to ensure all identified vulnerabilities are resolved and no new secrets are committed.

Compatible agents

Designed for agents supporting Bash execution and file system access, such as Claude Code and other ACP-compatible harnesses.

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: Python Refactoring Skills
Stars: 39

Related Skills

Extract Circuit Netlist Edge Features

Extract structured edge features from a bipartite circuit netlist (NetworkX MultiGraph), normalizing device/net ordering, mapping terminal colors, and detecting

Reverse Engineer

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

Markdrop

Convert PDFs to structured Markdown or interactive HTML and generate AI-powered descriptions for images and tables using multiple LLM providers.

Sandbox0 Integration

Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.

FastAPI Project Templates

Creates production-ready FastAPI project scaffolds with async patterns, DI, middleware, and testing best practices for high-performance APIs.

Unitree Robot Controller

Control and command Unitree robots (GO1/GO2/G1/H1) via OpenClaw: initialization, basic motion commands, and sensor integrations.

Alpha Forge Pre-Ship Quality Gates

Pre-merge quality gates for PRs that validate RNG determinism, forked URLs, runtime parameter ranges, and manifest synchronization to reduce review cycles.

CTF Write-up Generator

Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

Back to Skills

Python Security Analysis & Remediation

from Python Refactoring Skills39

Detect and fix security vulnerabilities in Python code, including SQL injection, hardcoded secrets, and weak cryptography using Bandit and Ruff.

triggers:python securityscan vulnerabilitiesfix sql injectionremove hardcoded secretssecurity audit

GitHub SKILL.md

What it does

When to use it

What's included

Instructions: Step-by-step guide on using AST-based scanners like bandit and ruff to find security flaws.
Remediation Patterns: Concrete 'Before' and 'After' code examples for fixing SQL injection, removing hardcoded secrets, and implementing secure random number generation.
Verification Checklist: A quality gate to ensure all identified vulnerabilities are resolved and no new secrets are committed.

Compatible agents

Designed for agents supporting Bash execution and file system access, such as Claude Code and other ACP-compatible harnesses.

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: Python Refactoring Skills
Stars: 39

Related Skills

Extract Circuit Netlist Edge Features

Extract structured edge features from a bipartite circuit netlist (NetworkX MultiGraph), normalizing device/net ordering, mapping terminal colors, and detecting

Reverse Engineer

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

Markdrop

Convert PDFs to structured Markdown or interactive HTML and generate AI-powered descriptions for images and tables using multiple LLM providers.

Sandbox0 Integration

Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.

FastAPI Project Templates

Creates production-ready FastAPI project scaffolds with async patterns, DI, middleware, and testing best practices for high-performance APIs.

Unitree Robot Controller

Control and command Unitree robots (GO1/GO2/G1/H1) via OpenClaw: initialization, basic motion commands, and sensor integrations.

Alpha Forge Pre-Ship Quality Gates

Pre-merge quality gates for PRs that validate RNG determinism, forked URLs, runtime parameter ranges, and manifest synchronization to reduce review cycles.

CTF Write-up Generator

Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

Python Security Analysis & Remediation

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills

Python Security Analysis & Remediation

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills