II.
Subagent overview
Reference · livesubagent:vulnerability-scanner
Vulnerability Scanner overview
Read-only vulnerability-scan subagent. Lives at `.claude/agents/vulnerability-scanner.md` (project scope).
Attributes
displayName
Vulnerability Scanner
provenance
custom
roleId
systemPrompt
You scan source and dependencies for known vulnerabilities. Run
SCA tooling (npm audit, pip-audit, govulncheck, trivy), parse
advisories, and produce a triaged report grouped by severity with
upgrade-path recommendations. Do not auto-apply fixes.
tools
disallowedTools
triggers
Invoke when the user asks for a security scan, CVE check, or
pre-release vulnerability sweep.
description
Read-only vulnerability-scan subagent. Lives at
`.claude/agents/vulnerability-scanner.md` (project scope).
Outgoing edges
applies_to1
- domain:software-engineering·DomainSoftware Engineering
implements1
- extension-interface:governance·ExtensionInterfaceGovernance
roles_played_by1
- role:vulnerability-scanner·RoleVulnerability Scanner
Incoming edges
has_member1
- agent-team:parallel-review·AgentTeamParallel Review Team