security-review
Adversarial security review via Gemini. Think like an attacker. ALL issues must be fixed.
| name | security-review |
| description | Adversarial security review via Gemini. Think like an attacker. ALL issues must be fixed. |
Adversarial security review using Gemini. Think like an attacker. ALL issues must be fixed.
No arguments? Describe this skill and stop. Do not execute.
```shell
mkdir -p .claude && echo '{"skill":"security-review","started":"'$(date -Iseconds)'"}' > .claude/active-workflow.json
```
Fix toward code a master craftsperson would be proud of.
Security fixes must be clean, not band-aids. The result should look like it was written by a skilled human security engineer.
The best security fix is often the simplest one.
Fix ALL findings. Every issue identified gets fixed for production readiness. No deferring, no "backlog for next cycle," no "appropriate for MVP."
ALLOWED:
FORBIDDEN:
If a finding seems to require restructuring: fix it anyway by restructuring within the existing file. The only acceptable unfixed items are findings that require adding new external dependencies — report those with a one-line explanation.
You MUST fix EVERY issue Gemini identifies. ALL of them. No exceptions.
If Gemini found it, YOU FIX IT. Period.
Before starting, read these canon skills and apply their principles throughout:
Always load:
- canon/security/security-mindset/SKILL.md
- canon/security/owasp/SKILL.md
- canon/security/web-security/SKILL.md

Auto-detect language canon (check files, load matches):
| Check | If found, also read |
|---|---|
| *.ts or *.js files in target | canon/javascript/typescript/SUMMARY.md, canon/javascript/js-safety/SUMMARY.md, canon/javascript/js-perf/SUMMARY.md, canon/javascript/js-internals/SUMMARY.md, canon/javascript/functional/SUMMARY.md |
| angular.json in project root | canon/angular/angular-arch/SUMMARY.md, canon/angular/angular-core/SUMMARY.md, canon/angular/angular-perf/SUMMARY.md, canon/angular/rxjs/SUMMARY.md |
| package.json contains "react" | canon/javascript/react-state/SUMMARY.md, canon/javascript/react-test/SUMMARY.md, canon/javascript/reactivity/SUMMARY.md |
| pom.xml or build.gradle in project | canon/java/SUMMARY.md |
| *.py files in target | canon/python/python-advanced/SUMMARY.md, canon/python/python-idioms/SUMMARY.md, canon/python/python-patterns/SUMMARY.md, canon/python/python-protocols/SUMMARY.md |
| *.cs files or *.csproj in project | canon/csharp/csharp-depth/SUMMARY.md, canon/csharp/type-systems/SUMMARY.md, canon/csharp/async/SUMMARY.md |
If a skill file doesn't exist (not installed in this project), skip it and continue.
List loaded experts in EXPERTS_LOADED. Tag each fix with (via [expert-skill]) showing which expert drove it.
Find recently modified files using git diff or git log. Look in: src/, lib/, app/, migrations/, db/, and project root. If NO code exists, output "no code to review" and stop.
Before calling Gemini, manually verify these common-miss patterns. These are frequently missed by AI reviewers and must be checked explicitly:
- Symlink / path traversal: paths must be resolved with realpath (or equivalent) AND then checked with path.relative() to confirm the result stays within the allowed directory. startsWith is insufficient — symlinks bypass it.
- Secrets in process lists: secrets passed as CLI arguments are visible in ps aux and shell history. Flag as HIGH. Fix: accept via file path, stdin, env var, or interactive prompt instead.
- Data integrity:
```
mcp__gemini-reviewer__gemini_review
  code: <paste the source code>
  focus: "adversarial"
  context: "PRODUCTION SECURITY GATE. This code is about to be deployed to production. Think like an attacker targeting a production system. Find: security vulnerabilities, race conditions, edge cases that crash in production, input validation bypasses, resource exhaustion (DoS), privilege escalation. Be hostile and thorough — every finding you miss is a production incident. Specifically check: (1) symlink bypass in path validation — startsWith is not enough (2) secrets exposed in process lists via CLI args — leaked to ps aux in production (3) data format versioning/migration safety — corrupted data in production is catastrophic (4) error messages that leak internals to attackers in production (5) missing rate limiting or resource bounds that enable DoS in production. For each finding: cite file:line, severity (CRITICAL/HIGH/MEDIUM/LOW). CRITICAL = exploitable in production today. HIGH = would cause security incidents in production."
```
If tool unavailable, output: GEMINI_ERROR: tool not available
For EACH issue Gemini identifies:
If you truly cannot fix an issue (tool limitation), the phase FAILS.
```
GEMINI_RESULT: called - [N] issues
ISSUES_FOUND:
  [SEVERITY] description (file:line)
ISSUES_FIXED:
  [SEVERITY] description - FIXED (via [expert-skill])
UNFIXED: 0 (must be zero or phase fails)
EXPERTS_LOADED: [list of skill names actually read]
REVIEW_ISSUES: N
SECURITY_REVIEW_COMPLETE: yes
```
After fixing all issues, record NEW findings so earlier phases learn from them. Security findings are especially valuable for the feedback loop.
Write to TWO files:
.claude/lessons.md: append the specific finding with file paths and context:

```
## {date} - {target path}
### Security Found (phase 8)
- {CATEGORY}: {specific description with file:line} → {which earlier phase should catch this and how}
```
.claude/universal-lessons.md: read this file first. If the general pattern is already listed, skip. If it is a NEW general pattern not already covered, append it to the appropriate section (LOGIC Patterns or DESIGN Patterns). Write the general rule, not the project-specific instance:

```
### {Pattern Name}
- {General description of the vulnerability pattern, not tied to specific files} → {how to avoid it}
```
Categories: LOGIC (most security issues), DESIGN (architectural security gaps)
Common security findings that indicate earlier-phase gaps:
- path.join
- execSync with template literals
- </ in JSON embedded in HTML

If no new lessons were learned (already in both files), skip this step.
After fixing all issues, produce an evidence checklist. Write to .claude/evidence/ (create directory if needed).
Review EVERY entry point: exported CLI commands, file I/O with external paths, createReadStream, createWriteStream, readFileSync, writeFileSync. Write to .claude/evidence/adversarial-9a.md:
# Evidence: Adversarial 9a — Attack Surface
| Location | Item | Verdict | Reasoning |
|----------|------|---------|-----------|
| src/cli.ts:add | CLI command 'add' validates input | PASS | Path is sanitized before use |
| src/store.ts:12 | writeFileSync with user path | FAIL | No path traversal protection |
Every row must have a PASS or FAIL verdict. No blanks. The machine gate validates row counts against codebase counters — incomplete checklists block the pipeline.