Security Auditor
Skill Verifiziert AktivSecurity vulnerability expert covering OWASP Top 10 and common security issues. Use when conducting security audits or reviewing code for vulnerabilities.
To conduct thorough security audits and vulnerability assessments on codebases, identifying common security flaws and providing guidance for remediation.
Funktionen
- Covers OWASP Top 10 vulnerabilities
- Performs static code analysis for security issues
- Includes scripts for finding secrets and generating audit reports
- Provides remediation guidance and best practices
Anwendungsfälle
- When requesting a security audit of code
- When needing a security review for vulnerabilities
- When concerned about common security risks like injection or access control failures
Nicht-Ziele
- Performing dynamic security testing
- Remediating vulnerabilities automatically
- Acting as a real-time intrusion detection system
Installation
npx skills add charon-fan/agent-playbookFührt das Vercel skills CLI (skills.sh) via npx aus — benötigt Node.js lokal und mindestens einen installierten skills-kompatiblen Agent (Claude Code, Cursor, Codex, …). Setzt voraus, dass das Repo dem agentskills.io-Format folgt.
Qualitätspunktzahl
VerifiziertVertrauenssignale
Ähnliche Erweiterungen
Codex Diff Develop
100Revisa el diff de la rama actual frente a develop en proyectos Drupal 11 siguiendo la metodología Codex (lógica de negocio, edge cases de hooks/queries, seguridad, performance, completitud). Genera un informe .md en la carpeta del IDE detectado (.antigravity/, .cursor/, .vscode/ o docs/) con hallazgos por severidad y soluciones accionables. Usar cuando el usuario pida "Revisión diff develop", "revisión diff develop", "diff develop", "revisar diff", "codex diff" o expresiones similares con intención de auditar cambios contra develop. Triggers: diff develop, codex diff, revisión diff, lint diff develop, auditar diff.
Soul Guardian
100Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
Audit Dependency Versions
100Audit project dependencies for version staleness, security vulnerabilities, and compatibility issues. Covers lock file analysis, upgrade path planning, and breaking change assessment. Use before a release to ensure dependencies are current and secure, during periodic maintenance reviews, after receiving a security advisory, when upgrading to a new language version, before submitting to CRAN or npm, or when inheriting a project to assess its dependency health.
Codex PR Review
100Überprüft Pull Requests in Drupal 11 (oder anderen) Projekten gemäß der Codex-Methodik (Geschäftslogik, Edge Cases von Hooks/Queries, Sicherheit, Performance, Vollständigkeit). Generiert einen .md-Bericht im erkannten IDE-Ordner (.antigravity/, .cursor/, .vscode/ oder docs/) mit Befunden nach Schweregrad und umsetzbaren Lösungen. Verwenden Sie dies, wenn der Benutzer "Codex-Überprüfung", "PR-Überprüfung", "PR überprüfen", "PR überprüfen" anfordert.
Security Audit
99Deep security audit covering OWASP Top 10, authentication, authorization, data protection, dependency vulnerabilities, and secrets scanning. Delegates to the Centinela (QA) agent.
Security Audit Codebase
98Perform a security audit of a codebase checking for exposed secrets, vulnerable dependencies, injection vulnerabilities, insecure configurations, and OWASP Top 10 issues. Use before publishing or deploying a project, for periodic security reviews, after adding authentication or API integration, before open-sourcing a private repository, or when preparing for a security compliance audit.