code-security-audit

SKILL.md

Perform a focused security audit on specific components.

Process

  1. Identify context:
    • Target the specific files, modules, or API endpoints mentioned by the user
  2. Analyze for security vulnerabilities:
    • Check for OWASP Top 10 vulnerabilities
    • Check for injection flaws (SQLi, Command Injection, XSS)
    • Verify authentication and authorization logic
    • Identify sensitive data exposure risks
    • Check for insecure dependencies (use WebSearch/WebFetch for known CVEs)
  3. Synthesize findings into a Security Report

Output

  1. Executive Summary (Risk Level)
  2. Vulnerability Analysis
    • Critical: Exploitable flaws (Stop the line)
    • High: Likely exploitable or severe impact
    • Medium: Theoretical or difficult to exploit
    • Low: Best practice hardening
  3. Remediation Steps (Code snippets or config changes)
  4. Verification (How to test the fix)

Weekly Installs: 5
Repository: sirn/dotfiles
GitHub Stars: 8
First Seen: 12 days ago
Installed on: gemini-cli (5), github-copilot (5), codex (5), kimi-cli (5), amp (5), cline (5)