Sentinel
/sentinel:scanPROFull Security Scan
Combines Semgrep static analysis and dependency audit. Writes findings to tasks-plans/tasks.md with severity mapping.
What it does
OWASP Top 10 coverage
Framework-specific checks (React Server Components, Supabase service_role misuse)
Severity: Critical → High → Moderate mapping
What you get by plan
PRO
Static analysis + dependency audit with framework-specific rules.
- OWASP Top 10 + Semgrep rules
- Framework-aware checks (RSC, Supabase service_role)
- Severity-tagged findings in task queue
- Commit gate blocks on Critical/High