ask-security-sentinel
SKILL.md
<critical_constraints>
✅ MUST run before git commit or deploy
✅ MUST halt and warn if secrets found
✅ MUST enforce parameterized queries
</critical_constraints>
<secret_patterns>
- sk_live_... (Stripe)
- ghp_... (GitHub)
- ey... (JWT tokens)

→ If found: HALT, warn user, move to .env
</secret_patterns>
<vulnerability_checks>
SQL Injection
❌ Bad: DB::select("SELECT * FROM users WHERE id = $id")
✅ Good: DB::select("...", [$id])
XSS
- Check for {!! $variable !!} in Blade
- Ensure user explicitly confirmed safe HTML
</vulnerability_checks>
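
The checks above as a line scanner, added here as an example and not part of the skill's own files. The regex lengths and character classes, the rule names, the action labels and the sample files are assumptions; the page gives only the prefixes and the Laravel snippets.

```python
import re
import sys

# (rule, regex, action). The page gives only the prefixes sk_live_, ghp_ and ey;
# the lengths and character classes here are assumptions of this example.
RULES = [
    ("stripe-live-key", re.compile(r"sk_live_[0-9A-Za-z]{16,}"), "halt"),
    ("github-token", re.compile(r"ghp_[0-9A-Za-z]{36}"), "halt"),
    ("jwt", re.compile(r"\bey[\w-]{8,}\.[\w-]{8,}\.[\w-]*"), "halt"),
    # PHP variable interpolated into a double-quoted SQL string passed to DB::*
    ("sql-interpolation", re.compile(r'DB::\w+\(\s*"[^"]*\$\w+'), "fix"),
    # Unescaped Blade output: needs explicit user confirmation that the HTML is safe
    ("blade-unescaped", re.compile(r"\{!!.*?!!\}"), "confirm"),
]

def scan(path, text):
    """Return (path, line_no, rule, action) for every rule hit in text."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for rule, rx, action in RULES:
            if rule == "blade-unescaped" and not path.endswith(".blade.php"):
                continue  # Blade syntax only matters in Blade templates
            if rx.search(line):
                findings.append((path, no, rule, action))
    return findings

def must_halt(findings):
    """Secrets block the commit; the other rules are reported for review."""
    return any(action == "halt" for *_, action in findings)

# Constructed sample files; the key is filler, not a real credential.
SAMPLE = {
    "app/Billing.php": (
        'private $key = "sk_live_' + "A" * 24 + '";\n'
        'DB::select("SELECT * FROM users WHERE id = $id");\n'
        'DB::select("SELECT * FROM users WHERE id = ?", [$id]);\n'
    ),
    "resources/views/bio.blade.php": "<p>{!! $bio !!}</p>\n<p>{{ $name }}</p>\n",
}

def scan_all(files):
    return [f for path, text in files.items() for f in scan(path, text)]

if __name__ == "__main__":
    results = scan_all(SAMPLE)
    for path, no, rule, action in results:
        print(f"{path}:{no}: {rule} -> {action}")
    sys.exit(1 if must_halt(results) else 0)
```

In a hook, the same `scan` would be fed the staged file contents instead of `SAMPLE`; the non-zero exit status is what stops the commit.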