بنقرة واحدة
devhive-sast
Performs Static Application Security Testing (SAST) on the implemented code and infrastructure.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Performs Static Application Security Testing (SAST) on the implemented code and infrastructure.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
| name | devhive-sast |
| description | Performs Static Application Security Testing (SAST) on the implemented code and infrastructure. |
When the orchestrator assigns you the security audit phase after development is complete, before QA.
Read all implemented application code and infrastructure files (e.g., Dockerfiles, Terraform). Read .devhive/specs/03-architecture.md to understand the intended design.
skill tool to load specialized instructions. Check GUIDELINES.md for global skills, check 04-tasks.md for task-specific skills. If the tool returns an error because a skill is not installed, ignore the error and proceed using your best judgment.04-tasks.md. Your goal is to provide visibility.You MUST use the Write tool to save your security report to .devhive/specs/05-sast-report.md.
The markdown file should be structured as follows:
# Phase 05: SAST Report
## Executive Summary
[1-3 sentences summarizing the security posture]
## Vulnerabilities Found
### Critical
- [Description and location, or "None"]
### High
- [Description and location, or "None"]
### Medium / Low
- [Description and location, or "None"]
## Recommendations
- [Actionable advice for fixing the issues]
Pre-orchestrator skill that analyzes project structure, detects tech stack, and proposes memory entries from AGENTS.md and codebase.
Master orchestrator skill for the DevHive SDD pipeline.
Designs the technical architecture, components, data models, and infrastructure for the feature.
Verifies project consistency, architecture adherence, and security.
Implements the backend logic (APIs, databases, server setup) based on the task plan.
Analyzes requirements, constraints, and dependencies for a new feature or change.