بنقرة واحدة
security-audit
Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Review and update third-party dependencies. Use this when asked to upgrade packages, survey new minor or major releases for useful features, assess whether a repository can adopt them, or validate whether a release looks suspicious before bumping it.
Create a new implementation plan in the repo's planning area.
Process automated PR review comments systematically. Use this for CodeRabbit, Gemini, GitHub Copilot, Devin, Greptile, and similar bots.
| name | security-audit |
| description | Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks. |
Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks.
Start with repo context:
Check for hardcoded secrets:
Review authentication and authorization:
Review input handling:
Review file and storage access when relevant:
Review network and session behavior:
Review dependency risk:
bun audit
Use the repo's equivalent audit command if it does not use Bun. Also check GitHub security or Dependabot alerts when available.
Review AI-specific risks when applicable:
Layer in domain-specific risks:
Report findings by severity:
For each finding include: