跳转到主要内容
此内容尚未提供您的语言版本,正在以英文显示。

Security Audit

技能 已验证 活跃
属于:Agent Triforce

Deep security audit covering OWASP Top 10, authentication, authorization, data protection, dependency vulnerabilities, and secrets scanning. Delegates to the Centinela (QA) agent.

目的

To provide a comprehensive security audit of a codebase, ensuring it meets industry standards and identifying potential vulnerabilities before release or during periodic reviews.

功能

  • Deep OWASP Top 10 systematic check
  • Authentication and authorization audit
  • Secrets scanning for hardcoded credentials
  • Dependency vulnerability assessment (CVEs)
  • Smart contract security checks (Solidity)
  • Generates markdown security reports
  • Delegates to Centinela (QA) agent

使用场景

  • Before a release to verify security posture
  • After significant code changes affecting security
  • Periodic security review of the codebase
  • When adding new dependencies or integrations

非目标

  • Fixing identified vulnerabilities
  • Performing infrastructure security audits
  • Auditing non-code assets like documentation

安装

/plugin install agent-triforce@davepoon-buildwithclaude

质量评分

已验证
99 /100
1 day ago 分析

信任信号

最近提交6 days ago
GitHub 所有者 davepoon (opens in new tab)
星标2.9k
许可证MIT
网站buildwithclaude.com(opens in new tab)
状态
查看源代码

类似扩展

Ship Gate

100

Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.

技能
alirezarezvani

Security Audit Codebase

98

Perform a security audit of a codebase checking for exposed secrets, vulnerable dependencies, injection vulnerabilities, insecure configurations, and OWASP Top 10 issues. Use before publishing or deploying a project, for periodic security reviews, after adding authentication or API integration, before open-sourcing a private repository, or when preparing for a security compliance audit.

技能
pjt222

Security Auditor

98

Security vulnerability expert covering OWASP Top 10 and common security issues. Use when conducting security audits or reviewing code for vulnerabilities.

技能
charon-fan

TradeMemory Protocol

100

Evolution Engine 的领域知识 — 支持 LLM 从原始 OHLCV 数据中自主发现策略。涵盖生成-回测-选择-进化循环、向量化回测、样本外验证和策略梯度。在发现交易模式、运行回测、进化策略或审查进化日志时使用。由“evolve”、“discover patterns”、“backtest”、“evolution”、“strategy generation”、“candidate strategy”触发。

技能
mnemox-ai

Gdpr Dsgvo Expert

100

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.

技能
alirezarezvani

Refactor Plan

100

Prioritized redesign action plan covering quick wins, medium effort, major rework

技能
Aboudjem