Plugin
appsec
[Platform Team] 2 security scanning skills: appsec-scan (catalog-driven CI mirror — admin-managed scanner preference profiles, GitLab CI/CD Catalog component versions resolved every run, local runs of Fortify SAST, GitLab SAST/Dependency-Scanning-SBOM/Secret-Detection/Container-Scanning plus Parasoft, Pylint, ESLint, Scantist, Trivy; approval-gated fix loop and a guided Vulnerability Report triage plan) and appsec-dast-sim (LLM-based DAST following OWASP WSTG v4.2 — no running app required).