#!/usr/bin/env bash # AutoSecScan one-line installer: # curl -fsSL https://raw.githubusercontent.com/jhammant/AutoSecScan/main/install.sh | bash # # Installs the CLI (via pipx or pip) and the Claude Code skill. Scanners are # optional (run `autosecscan doctor`); or use the Docker image which bundles them. set -euo pipefail RAW="https://raw.githubusercontent.com/jhammant/AutoSecScan/main" say() { printf "\033[1;35m▸\033[0m %s\n" "$*"; } say "Installing the autosecscan CLI…" if command -v pipx >/dev/null 2>&1; then pipx install --force "autosecscan[pdf]" || pipx install --force autosecscan elif command -v pip3 >/dev/null 2>&1; then pip3 install --user --upgrade autosecscan elif command -v pip >/dev/null 2>&1; then pip install --user --upgrade autosecscan else echo "Need pipx or pip. Install Python 3.10+ and pip, then re-run."; exit 1 fi say "Installing the Claude Code skill → ~/.claude/skills/security-scan/" SKILL_DIR="${HOME}/.claude/skills/security-scan" mkdir -p "$SKILL_DIR" if curl -fsSL "${RAW}/integrations/claude-code/skills/security-scan/SKILL.md" -o "${SKILL_DIR}/SKILL.md"; then say "Skill installed — ask Claude Code to \"security scan this before I deploy\"." else echo " (skill download skipped — network?)" fi echo say "Done. Next:" echo " autosecscan doctor # what's installed" echo " autosecscan authorize add-host 127.0.0.1" echo " autosecscan scan --repo . --no-net --i-have-permission" echo echo " Optional scanners: brew install nmap nuclei trivy gitleaks osv-scanner ; pip install semgrep" echo " Or everything bundled: docker run --rm ghcr.io/jhammant/autosecscan doctor"