# code-security-audit

Perform a focused security audit on specific components.

## Process

1. Identify context:
   - Target the specific files, modules, or API endpoints mentioned by the user
2. Analyze for security vulnerabilities:
   - Check for OWASP Top 10 vulnerabilities
   - Check for injection flaws (SQLi, command injection, XSS)
   - Verify authentication and authorization logic
   - Identify sensitive data exposure risks
   - Check for insecure dependencies (use WebSearch/WebFetch for known CVEs)
3. Synthesize findings into a Security Report

## Output

- Executive Summary (Risk Level)
- Vulnerability Analysis
  - Critical: Exploitable flaws (stop the line)
  - High: Likely exploitable or severe impact
  - Medium: Theoretical or difficult to exploit
  - Low: Best-practice hardening
- Remediation Steps (code snippets or config changes)
- Verification (how to test the fix)