DiscordSign up
SKILLS.SH

security

Security audit workflow - vulnerability scan → verification

INSTALLATION
npx skills add https://github.com/parcadei/continuous-claude-v3 --skill security
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

/security - Security Audit Workflow

Dedicated security analysis for sensitive code.

When to Use

  • "Security audit"
  • "Check for vulnerabilities"
  • "Is this secure?"
  • "Review authentication code"
  • "Check for injection attacks"
  • Before handling auth, payments, user data
  • After adding security-sensitive features

Workflow Overview

┌─────────┐    ┌───────────┐

│  aegis  │───▶│ arbiter  │

│         │    │           │

└─────────┘    └───────────┘

  Security       Verify

  audit          fixes

Agent Sequence

#

Agent

Role

Output

1

aegis

Comprehensive security scan

Vulnerability report

2

arbiter

Verify fixes, run security tests

Verification report

Why Dedicated Security?

The /review workflow focuses on code quality. Security needs:

  • Specialized vulnerability patterns
  • Dependency scanning
  • Secret detection
  • OWASP Top 10 checks
  • Authentication/authorization review

Execution

Phase 1: Security Audit

Task(

  subagent_type="aegis",

  prompt="""

  Security audit: [SCOPE]

  Scan for:

  **Injection Attacks:**

  - SQL injection

  - Command injection

  - XSS (Cross-Site Scripting)

  - LDAP injection

  **Authentication/Authorization:**

  - Broken authentication

  - Session management issues

  - Privilege escalation

  - Insecure direct object references

  **Data Protection:**

  - Sensitive data exposure

  - Hardcoded secrets/credentials

  - Insecure cryptography

  - Missing encryption

  **Configuration:**

  - Security misconfigurations

  - Default credentials

  - Verbose error messages

  - Missing security headers

  **Dependencies:**

  - Known vulnerable packages

  - Outdated dependencies

  - Supply chain risks

  Output: Detailed report with:

  - Severity (CRITICAL/HIGH/MEDIUM/LOW)

  - Location (file:line)

  - Description

  - Remediation steps

  """

)

Phase 2: Verification (After Fixes)

Task(

  subagent_type="arbiter",

  prompt="""

  Verify security fixes: [SCOPE]

  Run:

  - Security-focused tests

  - Dependency audit (npm audit, pip audit)

  - Re-check reported vulnerabilities

  - Verify fixes don't introduce regressions

  Output: Verification report

  """

)

Security Scopes

Full Codebase

User: /security

→ Scan entire codebase

Specific Area

User: /security authentication

→ Focus on auth-related code

Single File

User: /security src/api/auth.py

→ Deep dive on one file

Dependencies Only

User: /security --deps

→ Only dependency vulnerabilities

Example

User: /security the payment processing code

Claude: Starting /security audit for payment code...

Phase 1: Security audit...

[Spawns aegis]

┌─────────────────────────────────────────────────────────────┐

│ Security Audit Report                                       │

├─────────────────────────────────────────────────────────────┤

│ Scope: src/services/payment/                                │

│ Files scanned: 12                                           │

│ Lines analyzed: 2,847                                       │

├─────────────────────────────────────────────────────────────┤

│ CRITICAL (1)                                                │

│ ──────────                                                  │

│ [C1] SQL Injection in payment.py:89                         │

│      query = f"SELECT * FROM orders WHERE id = {order_id}"  │

│      Fix: Use parameterized queries                         │

│                                                             │

│ HIGH (2)                                                    │

│ ────────                                                    │

│ [H1] Hardcoded API key in stripe_client.py:12               │

│      STRIPE_KEY = "sk_live_..."                             │

│      Fix: Move to environment variable                      │

│                                                             │

│ [H2] Missing input validation in refund.py:45               │

│      amount = request.json['amount']  # No validation       │

│      Fix: Validate amount is positive number                │

│                                                             │

│ MEDIUM (1)                                                  │

│ ──────────                                                  │

│ [M1] Verbose error messages in error_handler.py:23          │

│      return {"error": str(e)}  # Leaks internal details     │

│      Fix: Return generic message, log details internally    │

│                                                             │

│ LOW (0)                                                     │

│ ───────                                                     │

│ None                                                        │

├─────────────────────────────────────────────────────────────┤

│ Summary: 1 critical, 2 high, 1 medium, 0 low                │

│ Status: BLOCKING - Fix critical issues before release       │

└─────────────────────────────────────────────────────────────┘

Fix the critical and high issues, then run:

/security --verify

After Fixes

User: /security --verify

Claude: Phase 2: Verifying fixes...

[Spawns arbiter]

✅ C1: SQL injection fixed - using parameterized queries

✅ H1: API key moved to environment variable

✅ H2: Input validation added

✅ M1: Error messages sanitized

All security tests passing.

Security audit: PASSED

OWASP Top 10 Coverage

Risk

Checked

A01 Broken Access Control

A02 Cryptographic Failures

A03 Injection

A04 Insecure Design

A05 Security Misconfiguration

A06 Vulnerable Components

A07 Auth Failures

A08 Data Integrity Failures

A09 Logging Failures

A10 SSRF

Flags

  • --deps: Dependencies only
  • --verify: Re-run after fixes
  • --owasp: Explicit OWASP Top 10 report
  • --secrets: Focus on secret detection
BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

azure-compliance
3/3

Azure compliance scanning, Key Vault expiration auditing, and resource configuration validation. Runs azqr (Azure Quick Review) for comprehensive compliance assessment against best practices across subscriptions and resource groups Monitors Key Vault keys, secrets, and certificates for expiration dates and identifies items without expiration policies Detects orphaned, misconfigured, and non-compliant resources using Resource Graph queries Classifies findings by priority (Critical, High, Medium, Low) with remediation guidance for each issue

Verified authormicrosoft
SKILLS.SH
293K1.1K
2026-05-22
openclaw-secure-linux-cloud
1/3

Use when self-hosting OpenClaw on a cloud server, hardening a remote OpenClaw gateway, choosing between SSH tunneling, Tailscale, or reverse-proxy exposure, or…

xixu-me
SKILLS.SH
150K53
2026-05-22
entra-agent-id
3/3

Provision Microsoft Entra Agent Identity Blueprints, BlueprintPrincipals, and per-instance Agent Identities via Microsoft Graph, and configure OAuth 2.0 token…

Verified authormicrosoft
SKILLS.SH
59.1K1.1K
2026-05-21
firebase-security-rules-auditor
3/3

A skill to evaluate how secure Firestore security rules are. Use this when Firestore security rules are updated to ensure that the generated rules are…

firebase
SKILLS.SH
23.5K292
2026-05-21

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card