with one click
review-security
Review code changes with Security Review subagent.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Menu
Review code changes with Security Review subagent.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
A Cursor Canvas is a live React app that the user can open beside the chat. You MUST use a canvas when the agent produces a standalone analytical artifact — quantitative analyses, billing investigations, security audits, architecture reviews, data-heavy content, timelines, charts, tables, interactive explorations, repeatable tools, or any response that benefits from visual layout. Especially prefer a canvas when presenting results from MCP tools (Datadog, Databricks, Linear, Sentry, Slack, etc.) where the data is the deliverable — render it in a rich canvas rather than dumping it into a markdown table or code block. If you catch yourself about to write a markdown table, stop and use a canvas instead. You MUST also read this skill whenever you create, edit, or debug any .canvas.tsx file.
Review code changes with Bugbot subagent.
Review code changes with the Bugbot or Security Review subagent.
Guide users building apps, scripts, CI pipelines, or automations on top of the Cursor SDK - TypeScript (`@cursor/sdk`) or Python (`cursor-sdk` / `cursor_sdk`). Use when the user mentions integrating, installing, or writing code against the Cursor SDK; says `Agent.create`, `Agent.prompt`, `Agent.resume`, `agent.send`, `run.stream`, `run.messages`, `CursorAgentError`, `@cursor/sdk`, `cursor-sdk`, or `cursor_sdk`; asks to run Cursor agents programmatically from a script, CI/CD pipeline, GitHub Action, backend service, or other code outside the Cursor IDE; wants to pick between local and cloud runtime, configure MCP servers for an SDK agent, or handle streaming, cancellation, or errors; or is wiring Cursor into an automation, bot, or REST `/v1/agents` migration. Use eagerly rather than answering from memory; the SDK surface evolves and this skill is the source of truth for the external packages.
View and modify Cursor CLI configuration settings in ~/.cursor/cli-config.json. Use when the user wants to change CLI settings, configure permissions, switch approval mode, enable vim mode, toggle display options, configure sandbox, or manage any CLI preferences.
Criar diagramas de sequência PlantUML em nível integração (apps + HTTP endpoints). Classifica pedido genérico (OAuth, SAML) vs projeto; resolve mapping via product-definition ou workspace-links.yaml. Usar quando pedir diagrama de sequência, documentação de fluxo, integração entre sistemas ou sequencia.puml.
| name | review-security |
| description | Review code changes with Security Review subagent. |
Use this skill when the user asks to run /review-security.
Launch exactly one security-review subagent with:
readonly: truerun_in_background: false unless explicitly asked to run in backgrounddescription: "Security Review"subagent_type: "security-review"The review subagent computes the local diff from the repository path, so do not compute the diff yourself before launching it. The repository path should be the active workspace or repository root for the code the user wants reviewed.
By default, the review subagent infers the repository's actual base branch, such as main, when computing branch changes. In most cases, do not provide Base Branch. Only provide it if you know the current branch or PR should be compared against a specific branch other than the repository's default base branch, such as when you created the current branch from another branch.
Special case: if the user explicitly asks to review a specific PR or branch, make sure that target is checked out before launching the subagent:
github.com/... /review, review {link}, or review {branch-name}.Use this exact prompt shape:
Full Repository Path: <absolute repository path>
Diff: <one of: "branch changes", "uncommitted changes">
Base Branch: <only include this line when reviewing branch changes against a known specific base branch>
Custom Instructions: <only include this line when the user gave specific review instructions>
Default to branch changes, which reviews branch changes against the merge-base with the default/base branch, including committed, staged, and unstaged changes. If the user asks to review only uncommitted, local working tree, dirty, or not-yet-committed changes, use uncommitted changes.
If the review subagent fails before producing findings, inspect the failure text.
Full Repository Path, missing Diff, wrong prompt shape, or wrong subagent type, correct the invocation and retry it once immediately.After the subagent finishes, summarize the result:
file:line.Do not fix findings or rerun review unless the user explicitly asks for that next step.