dtsong/code-search
skills/code-search/SKILL.md
Fast codebase searches using grep/glob. Triggers on "find", "search", "where is", "grep for".
$ install --global
skillsauthnpx skillsauth add dtsong/my-claude-setup code-searchInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 26, 2026, 4:00 AM68.2s1 file scanned
SKILL.md
- name:
- code-search
- description:
- Fast codebase searches using grep/glob. Triggers on "find", "search", "where is", "grep for".
- model:
- haiku
- tools:
- [Grep, Glob, Read]
Code Search
Scope Constraints
- Read-only file search operations using Grep and Glob
- Does not modify, create, or delete files
- Does not execute found code or run tests
Input Sanitization
- Search patterns: reject null bytes, validate regex syntax before passing to Grep
- File glob patterns: reject
..traversal, null bytes, and shell metacharacters
Use Grep for content searches, Glob for file pattern matching.
Output Format
Found 5 matches for "handleAuth" in 3 files:
src/lib/auth.ts:23 export function handleAuth(req: Request) {
src/lib/auth.ts:45 return handleAuth(nextReq);
src/middleware.ts:12 import { handleAuth } from "@/lib/auth";
Gotchas
- Using
greporrgvia Bash instead of the Grep tool — the Grep tool has optimized permissions and better output formatting - Forgetting
--globor--typefiltering returns matches fromnode_modules,.git, and vendored code — always scope searches - Glob patterns are for file names only, not content — use Grep for content, Glob for finding files by path pattern
Grepuses ripgrep regex, not grep regex — literal braces need escaping (interface\{\}notinterface{})- Reading an entire large file when you only need a section — use
offsetandlimitparameters on Read
Examples
- "find all usages of X" → Grep for X
- "where is the config file" → Glob for config patterns
- "search for error handling" → Grep for try/catch, .catch, error patterns
Related Skills
dtsong/docx-to-pdf
testing
VerifiedTrustedCommunity
Use to convert a Word .docx file to PDF and/or verify its page count. Triggers on: converting docx to pdf, rendering a document, checking how many pages a docx produces, or asserting a page-count constraint (e.g. a resume must stay 2 pages). Wraps LibreOffice headless conversion.
5SKILL.mdUpdated Jun 11, 2026
dtsong/web-security-hardening
development
VerifiedTrustedCommunity
Security audit checklist for web applications. Use when reviewing, auditing, or hardening a web app's security posture. Covers rate limiting, auth headers, IP blocking, CORS, security middleware, input validation, file upload limits, ORM usage, and password hashing. Triggers on requests like "review security", "harden this app", "security audit", "check for vulnerabilities", or when building/reviewing API endpoints.
5SKILL.mdUpdated Apr 28, 2026
dtsong/prompt-wizard
development
VerifiedTrustedCommunity
Interactive wizard to craft effective prompts using Claude Code best practices
5SKILL.mdUpdated Apr 28, 2026
dtsong/gh-triage
tools
VerifiedTrustedCommunity
Use when batch labeling, prioritizing, and assigning GitHub issues during triage sessions.
5SKILL.mdUpdated Apr 26, 2026