code-security-audit

Perform a focused security audit on specific components.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "code-security-audit" with this command: npx skills add sirn/dotfiles/sirn-dotfiles-code-security-audit

Perform a focused security audit on specific components.

Process

Identify context:

  • Target specific files, modules, or API endpoints mentioned by the user

Analyze for security vulnerabilities:

  • Check for OWASP Top 10 vulnerabilities

  • Check for injection flaws (SQLi, Command Injection, XSS)

  • Verify authentication and authorization logic

  • Identify sensitive data exposure risks

  • Check for insecure dependencies (use WebSearch/WebFetch for known CVEs)

Synthesize findings into a Security Report

Output

  • Executive Summary (Risk Level)

  • Vulnerability Analysis

  • Critical: Exploitable flaws (Stop the line)

  • High: Likely exploitable or severe impact

  • Medium: Theoretical or difficult to exploit

  • Low: Best practice hardening

  • Remediation Steps (Code snippets or config changes)

  • Verification (How to test the fix)

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

code-config-ci

No summary provided by upstream source.

Repository SourceNeeds Review
16-sirn
Coding

code-quality

No summary provided by upstream source.

Repository SourceNeeds Review
16-sirn
Coding

code-plan

No summary provided by upstream source.

Repository SourceNeeds Review
16-sirn
Coding

code-explain

No summary provided by upstream source.

Repository SourceNeeds Review
16-sirn