원클릭으로
audit-code
Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | audit-code |
| description | Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities |
| disable-model-invocation | true |
| allowed-tools | Read, Glob, Grep, Bash |
| context | fork |
Security-focused code review of project source code. Covers OWASP-style vulnerabilities, hardcoded secrets, dangerous function calls, and patterns relevant to AI-assisted development.
Run the auditor against the target path:
python3 "$SKILL_DIR/scripts/audit_code.py" "$ARGUMENTS"
If $ARGUMENTS is empty, default to $PROJECT_ROOT.
Structured report with severity-ranked findings, file locations, and actionable remediation steps.
The repository's .claude/settings.json includes PreToolUse hooks that warn on
dangerous Bash and Write operations. These hooks are advisory only -- they
produce warnings but do not block execution.
PreToolUse blocking or escalation, hooks must return
hookSpecificOutput.permissionDecision: "deny" or "ask" instead of warning messages