Security Audit Sandbox
sandbox_preset@snippbot/sandbox-security-audit ORG
Security auditing environment with Bandit, Semgrep, TruffleHog, Safety, and vulnerability scanners.
Security Scan Hook
hook@snippbot/hook-security-scan ORG
Scan for leaked secrets and known vulnerabilities when files change. Uses trufflehog and safety.
Dependency Audit
scheduled_job@snippbot/job-dependency-audit ORG
Weekly check for outdated and vulnerable dependencies across Python, Node.js, and Rust projects.
Security Analyst Profile
@snippbot/profile-security-analyst ORG
AI assistant configured as an expert security analyst. Threat modeling, vulnerability assessment, OWASP Top 10, SAST/DAST, compliance frameworks, and incident response.
CVE Lookup MCP Server
@snippbot/mcp-cve-lookup ORG
MCP server for searching the NIST National Vulnerability Database (NVD). Look up CVE details by ID, search by keyword or product, and check library versions for known vulnerabilities with CVSS severity scores.
Dependency Vulnerability Alert
@snippbot/hook-dep-vuln-alert ORG
Hook that triggers when dependency files change (package.json, requirements.txt, Cargo.toml, go.mod). Scans updated dependencies against known vulnerability databases and alerts on HIGH/CRITICAL CVEs.
Compliance Report Generator
@snippbot/job-compliance-report ORG
Weekly scheduled job that generates a compliance scorecard. Reviews authentication and access control, data protection, audit logging, vulnerability management, incident response, and change management — scoring each area and flagging anything below threshold.
Security Analyst Suite
@snippbot/suite-security-analyst ORG
Complete Snippbot setup for security analysts. Bundles a security-focused AI persona with threat modeling, CVE lookup, an incident-response workflow, dependency vulnerability alerts, weekly compliance reporting, and an OWASP knowledge base.