/sentinel:headers

HTTP Security Headers

Analyzes security headers for a given URL. Context-aware grading based on exploitable risk, not checkbox compliance.

What it does

CSP, HSTS, X-Frame-Options, Referrer-Policy, Permissions-Policy

Platform-specific fix instructions (Vercel, Cloudflare, Netlify)

Other Sentinel skills

/sentinel:assessSecurity AssessmentAssesses your project's security surface — detects stack, package managers, security tooling, and integrations. Generates config for ongoing scanning.

/sentinel:scanFull Security ScanCombines Semgrep static analysis and dependency audit. Writes findings to tasks-plans/tasks.md with severity mapping.

/sentinel:audit-depsDependency CVE AuditFocused vulnerability audit. Reports CVEs with installed/fixed versions and exact upgrade commands.

/sentinel:package-riskPackage Risk AnalysisAnalyzes an installed package's source code for suspicious behavior patterns — eval calls, network requests, environment access, and obfuscation.

Get Started Back to Sentinel