ワンクリックで
security-audit
Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Review and update third-party dependencies. Use this when asked to upgrade packages, survey new minor or major releases for useful features, assess whether a repository can adopt them, or validate whether a release looks suspicious before bumping it.
Create a new implementation plan in the repo's planning area.
Process automated PR review comments systematically. Use this for CodeRabbit, Gemini, GitHub Copilot, Devin, Greptile, and similar bots.
| name | security-audit |
| description | Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks. |
Run a security-focused code audit with a generic checklist first, then layer on repo-specific risks.
Start with repo context:
Check for hardcoded secrets:
Review authentication and authorization:
Review input handling:
Review file and storage access when relevant:
Review network and session behavior:
Review dependency risk:
bun audit
Use the repo's equivalent audit command if it does not use Bun. Also check GitHub security or Dependabot alerts when available.
Review AI-specific risks when applicable:
Layer in domain-specific risks:
Report findings by severity:
For each finding include: