AI coding is fast but it leaves behind a lot of blind spots. To fix this, I built Ship Safe. It is an open source CLI that orchestrates specialized security agents locally. I just finished mapping all of them to native Claude Code skills so you can trigger them right in your chat session. Here is the exact lineup you can run against your codebase: • Secret Detection: Checks for 50+ API key patterns and high entropy strings. • Auth Bypass: Hunts for inverted logic and bad JWT implementation. • LLM Red Teaming: Actively tests for prompt injection vulnerabilities. • Injection Scanner: Looks for standard SQL and XSS flaws. • CI/CD & Supply Chain: Audits your deployment workflows. Because each agent has one narrow job, it drastically reduces the false positives you get from asking a general LLM to “check for security bugs.” It natively supports Ollama for zero API costs. Let me know what other skills the community needs! Repo: https://github.com/asamassekou10/ship-safe submitted by /u/DiscussionHealthy802
Originally posted by u/DiscussionHealthy802 on r/ClaudeCode