by Hainrixz
Open-source cybersecurity analysis agent for Claude Code. Scans projects for vulnerabilities across all OWASP 2025 Top 10 and CWE Top 25 categories. 11 security domains, 60+ secret patterns, parallel subagent analysis, professional report generation. Built by tododeia.com
# Add to your Claude Code skills
git clone https://github.com/Hainrixz/cyber-neoLast scanned: 5/30/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-30T16:18:54.526Z",
"npmAuditRan": true,
"pipAuditRan": true
}cyber-neo is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by Hainrixz. Open-source cybersecurity analysis agent for Claude Code. Scans projects for vulnerabilities across all OWASP 2025 Top 10 and CWE Top 25 categories. 11 security domains, 60+ secret patterns, parallel subagent analysis, professional report generation. Built by tododeia.com. It has 167 GitHub stars.
Yes. cyber-neo passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/Hainrixz/cyber-neo" and add it to your Claude Code skills directory (see the Installation section above).
cyber-neo is primarily written in Python. It is open-source under Hainrixz on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh cyber-neo against similar tools.
No comments yet. Be the first to share your thoughts!
Protect your apps. Protect your users. Protect your community.
Shipped by @soyenriquerocha | Built by the Tododeia community — empowering developers to ship secure software.
Cyber Neo is a comprehensive cybersecurity analysis agent that runs inside Claude Code. Point it at any project on your computer, and it performs a deep security audit — scanning your code, dependencies, secrets, infrastructure, and supply chain for vulnerabilities. It generates a professional, prioritized report with actionable remediation guidance so you can fix issues before they become incidents.
No security expertise required. Just run /cyber-neo and let the agent do the work.
Cyber Neo was built with a mission: our community at tododeia.com is building apps, tools, and products. We want to help every developer in the community protect what they're building. This agent is our contribution — open source, free, and designed to be the most thorough security scanner available as a Claude Code skill.
Most security tools require installation, configuration, and expertise to interpret results. Cyber Neo is different:
| Traditional Security Tools | Cyber Neo |
|---|---|
| Require installation and setup | Works instantly as a Claude Code skill |
| Need security expertise to interpret | Plain-language findings with code-level remediation |
| Scan one category (SAST or SCA or secrets) | Scans 11 categories in one run |
| Output raw findings without context | CWE/OWASP-classified findings with fix examples |
| Run sequentially | 5 parallel subagents for speed |
| Require paid licenses for full coverage | 100% free and open source |
Cyber Neo covers 11 security domains across every major vulnerability class:
| # | Category | What It Finds | How |
|---|---|---|---|
| 1 | Code Security (SAST) | SQL injection, XSS, command injection, code injection, path traversal, SSRF, deserialization, prototype pollution | Semgrep (optional) + Claude-native pattern analysis |
| 2 | Authentication & Authorization | Missing auth middleware, JWT misconfigurations, broken access control, IDOR, session management flaws, missing RBAC | Claude-native analysis using auth-authz-patterns.md |
| 3 | Cryptographic Security | Weak algorithms (MD5, SHA1, DES, RC4), hardcoded keys/IVs, TLS bypass, insecure random, weak key lengths | Claude-native analysis using crypto-patterns.md |
| 4 | Secret Detection | 60+ regex patterns: AWS, GCP, Azure, GitHub, Slack, Stripe, database credentials, private keys, API keys, JWT tokens, .env files | Python batch scanner + Gitleaks (optional) |
| 5 | Dependency Vulnerabilities (SCA) | Known CVEs in npm, pip, cargo, bundler, composer, and Go dependencies | Trivy / npm audit / pip-audit / cargo-audit (optional) |
| 6 | Web Security | Missing security headers (CSP, CORS, HSTS), CSRF, cookie flags, file upload flaws, open redirects | Claude-native analysis using web-security-patterns.md |
| 7 | Supply Chain Security | Lock file integrity, dependency confusion, typosquatting, unpinned versions, malicious packages | Python lockfile checker + Claude-native analysis |
| 8 | CI/CD Security | GitHub Actions script injection, overly permissive permissions, unpinned actions, secret exposure in workflows | Claude-native analysis using cicd-security.md |
| 9 | Docker & Container Security | Root user, unpinned base images, secrets in layers, privileged containers, Docker socket exposure | Claude-native analysis using iac-docker.md |
| 10 | Error Handling | Debug mode in production, stack trace exposure, empty catch blocks, missing error boundaries | Claude-native analysis using error-handling-patterns.md |
| 11 | Logging Security | Sensitive data in logs, log injection, missing security event logging | Claude-native analysis using logging-patterns.md |
Cyber Neo maps every finding to industry standards:
| Language | Frameworks | Reference File |
|---|---|---|
| JavaScript / TypeScript | Express, Next.js, React, Vue, Angular, Fastify, NestJS, Koa, Electron | lang-javascript.md (924 lines) |
| Python | Django, Flask, FastAPI, Tornado, Starlette | lang-python.md (935 lines) |
| Any language | Generic SAST patterns (eval, exec, hardcoded creds, command injection) | Built into SKILL.md |
Coming in v0.2: Go, Ruby/Rails, Java/Spring, Rust, PHP/Laravel
cd ~/.claude/skills
git clone https://github.com/Hainrixz/cyber-neo.git
That's it. Claude Code automatically discovers the skill.
git clone https://github.com/Hainrixz/cyber-neo.git ~/projects/cyber-neo
ln -s ~/projects/cyber-neo ~/.claude/skills/cyber-neo
/plugin install cyber-neo
Marketplace availability coming soon.
Open Claude Code and type:
/cyber-neo
If installed correctly, Cyber Neo will ask you for a project path to scan.
# Scan a specific project
/cyber-neo /path/to/your/project
# Scan the current working directory
/cyber-neo .
Phase 1: Reconnaissance
Detects your tech stack, frameworks, and infrastructure
Estimates project scope and applies scanning tier
Phase 2-6: Parallel Analysis (5 subagents)
Dependency vulnerabilities (SCA)
Code security patterns (SAST)
Secret detection (60+ regex patterns)
Configuration & infrastructure checks
Supply chain & CI/CD security
Phase 7: Report Generation
Deduplicates, scores, and classifies findings
Generates professional security report
The report is saved to your Desktop:
~/Desktop/cyber-neo-report-{project-name}-{YYYY-MM-DD}.md
Every Cyber Neo report includes:
Risk Score: 67/100 (High Risk)
| Severity | Count |
|----------|-------|
| Critical | 2 |
| High | 5 |
| Medium | 8 |
| Low | 3 |
| Info | 4 |
Top 3 Priority Actions:
1. Fix SQL injection in src/api/users.js:42 — use parameterized queries
2. Rotate leaked AWS key in .env — key is active and exposed
3. Add authentication to /api/admin routes — currently public
Each finding includes:
[CN-001] SQL Injection in User Query
Severity: Critical (CVSS ~9.8)
CWE: CWE-89 (SQL Injection)
OWASP: A05:2025 (Injection)
Location: src/api/users.js:42
Description: User input is directly concatenated into SQL query
without parameterization, enabling SQL injection attacks.
Evidence:
const query = `SELECT * FROM users WHERE id = ${req.params.id}`;
Remediation:
const query = 'SELECT * FROM users WHERE id = $1';
const result = await db.query(query, [req.params.id]);
Cyber Neo is built as a Claude Code skill — a markdown-based prompt that orchestrates Claude's analysis capabilities. The architecture has three layers:
The SKILL.md file (563 lines) is the brain of Cyber Neo. It contains:
14 reference files totaling 10,000+ lines of security patterns:
references/
├── owasp-top-10.md # OWASP 2025 classification + scoring guide
├── cwe-top-25.md # CWE mappings with detection patterns
├── secrets-patterns.md # 60+ regex patterns for secret detection
├── auth-authz-patterns.md # JWT, sessions, RBAC, IDOR patterns
├── crypto-patterns.md