mirror of
https://github.com/luongnv89/claude-howto.git
synced 2026-06-01 10:31:33 +02:00
Luong NGUYEN
5caeff2f1c
Reorder folders based on learning dependencies, complexity, and frequency of use: - 01-slash-commands (unchanged) - Quick wins for beginners - 02-memory (was 03) - Essential foundation - 03-skills (was 05) - Auto-invoked capabilities - 04-subagents (was 02) - Task delegation - 05-mcp (was 04) - External integration - 06-hooks (was 07) - Event automation - 07-plugins (was 06) - Bundled solutions - 08-checkpoints (unchanged) - Safe experimentation - 09-advanced-features (unchanged) - Power user tools Documentation improvements: - Add LEARNING-ROADMAP.md with detailed milestones and exercises - Simplify README.md for better scannability - Consolidate Quick Start and Getting Started sections - Combine Feature Comparison and Use Case Matrix tables - Reorder README sections: Learning Path → Quick Reference → Getting Started - Update all cross-references across module READMEs 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
62 lines
1.5 KiB
Bash
62 lines
1.5 KiB
Bash
#!/bin/bash
|
|
# Security scan on file write
|
|
# Hook: PostToolUse:Write
|
|
|
|
FILE=$1
|
|
|
|
if [ -z "$FILE" ]; then
|
|
echo "Usage: $0 <file_path>"
|
|
exit 0
|
|
fi
|
|
|
|
echo "🔒 Running security scan on: $FILE"
|
|
|
|
ISSUES_FOUND=0
|
|
|
|
# Check for hardcoded passwords
|
|
if grep -qE "(password|passwd|pwd)\s*=\s*['\"][^'\"]+['\"]" "$FILE"; then
|
|
echo "⚠️ WARNING: Potential hardcoded password detected in $FILE"
|
|
ISSUES_FOUND=1
|
|
fi
|
|
|
|
# Check for hardcoded API keys
|
|
if grep -qE "(api[_-]?key|apikey|access[_-]?token)\s*=\s*['\"][^'\"]+['\"]" "$FILE"; then
|
|
echo "⚠️ WARNING: Potential hardcoded API key detected in $FILE"
|
|
ISSUES_FOUND=1
|
|
fi
|
|
|
|
# Check for hardcoded secrets
|
|
if grep -qE "(secret|token)\s*=\s*['\"][^'\"]+['\"]" "$FILE"; then
|
|
echo "⚠️ WARNING: Potential hardcoded secret detected in $FILE"
|
|
ISSUES_FOUND=1
|
|
fi
|
|
|
|
# Check for private keys
|
|
if grep -q "BEGIN.*PRIVATE KEY" "$FILE"; then
|
|
echo "⚠️ WARNING: Private key detected in $FILE"
|
|
ISSUES_FOUND=1
|
|
fi
|
|
|
|
# Check for AWS keys
|
|
if grep -qE "AKIA[0-9A-Z]{16}" "$FILE"; then
|
|
echo "⚠️ WARNING: AWS access key detected in $FILE"
|
|
ISSUES_FOUND=1
|
|
fi
|
|
|
|
# Scan with semgrep if available
|
|
if command -v semgrep &> /dev/null; then
|
|
semgrep --config=auto "$FILE" --quiet 2>/dev/null
|
|
fi
|
|
|
|
# Scan with trufflehog if available
|
|
if command -v trufflehog &> /dev/null; then
|
|
trufflehog filesystem "$FILE" --only-verified --quiet 2>/dev/null
|
|
fi
|
|
|
|
if [ $ISSUES_FOUND -eq 0 ]; then
|
|
echo "✅ No security issues found"
|
|
fi
|
|
|
|
# Don't block the operation, just warn
|
|
exit 0
|