From da40ae1920ecd7c4351df00a750a2afb6273f7ab Mon Sep 17 00:00:00 2001
From: Chris Peoples <peoples.chris@gmail.com>
Date: Mon, 25 May 2026 17:03:02 -0400
Subject: [PATCH] Add ansible-security-scanner

---
 data/tools/ansible-security-scanner.yml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 data/tools/ansible-security-scanner.yml

diff --git a/data/tools/ansible-security-scanner.yml b/data/tools/ansible-security-scanner.yml
new file mode 100644
index 000000000..dcf240c4a
--- /dev/null
+++ b/data/tools/ansible-security-scanner.yml
@@ -0,0 +1,17 @@
+name: ansible-security-scanner
+categories:
+  - linter
+tags:
+  - ansible
+  - configmanagement
+  - security
+  - yaml
+license: Apache-2.0
+types:
+  - cli
+source: 'https://github.com/cpeoples/ansible-security-scanner'
+homepage: 'https://github.com/cpeoples/ansible-security-scanner'
+description: >-
+  Static analyzer for Ansible playbooks, roles, and collections. Detects
+  hardcoded credentials, remote code execution, and supply-chain risks
+  across 1,000+ rules. Outputs SARIF, CycloneDX SBOM, and GitLab SAST.