Run any Skill in Manus with one click

Get Started

security-plan-gap

Use when defining plans, specs, or task breakdowns for web application work that may be missing security requirements

Run Skill in Manus

Overview

Use when defining plans, specs, or task breakdowns for web application work that may be missing security requirements

Install command

npx skills add https://github.com/alicankiraz1/Codex-Sentinel --skill security-plan-gap

Copy and paste this command into Claude Code to install the skill

Source

alicankiraz1/Codex-Sentinel

Stars79

Forks6

UpdatedMarch 22, 2026 at 09:55

File Explorer

3 files

SKILL.md

readonly

name	security-plan-gap
description	Use when defining plans, specs, or task breakdowns for web application work that may be missing security requirements

Security Plan Gap

Overview

Find missing security requirements before code exists. This skill turns design omissions into actionable plan additions.

When to Use

writing a feature plan or architecture
reviewing a spec before implementation starts
breaking work into tasks that may cross trust boundaries or handle sensitive data

Workflow

Read the current plan, spec, or task breakdown.
Load references/plan-gap-checklist.md.
Load ../shared/common-web-threats.md, ../shared/finding-schema.md, and the relevant stack profile if known.
Produce a gap report with missing controls, risk scenarios, and suggested plan additions.
End with a closing coverage note using the shared headings: Reviewed / Not reviewed / Assumptions / Tools run.

Guardrails

Treat missing requirements as gaps, not confirmed vulnerabilities.
Prefer concise, actionable additions over generic best-practice lists.
Lower confidence when the stack or architecture is only partly defined.
Treat this skill as the default planning-stage review pass when codex-sentinel invokes it automatically.

More from this repository

same repository

codex-sentinel

alicankiraz1/Codex-Sentinel

Use when a repository wants stage-aware cybersecurity guidance during planning, risky implementation changes across authentication, authorization, tokens, secrets, middleware, outbound requests, file handling, CI, deployment, and other trust boundaries, post-implementation review, or pre-release hardening; do not trigger for doc-only, naming-only, formatting-only, or UI-only changes that do not affect a trust boundary

2026-03-2279

security-review-gate

alicankiraz1/Codex-Sentinel

Use when implementation is complete or review is requested and the user may want a focused security review of the changed code

2026-03-2279

security-test-rig

alicankiraz1/Codex-Sentinel

Use when a feature or project is nearing handoff or release and the user may want a stack-aware security check plan without automatic setup

2026-03-2279

Source

alicankiraz1

alicankiraz1/Codex-Sentinel

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Information Security AnalystsComputer and Mathematical Occupations15-1212L4

name	security-plan-gap
description	Use when defining plans, specs, or task breakdowns for web application work that may be missing security requirements

Security Plan Gap

Overview

Find missing security requirements before code exists. This skill turns design omissions into actionable plan additions.

When to Use

writing a feature plan or architecture
reviewing a spec before implementation starts
breaking work into tasks that may cross trust boundaries or handle sensitive data

Workflow

Read the current plan, spec, or task breakdown.
Load references/plan-gap-checklist.md.
Load ../shared/common-web-threats.md, ../shared/finding-schema.md, and the relevant stack profile if known.
Produce a gap report with missing controls, risk scenarios, and suggested plan additions.
End with a closing coverage note using the shared headings: Reviewed / Not reviewed / Assumptions / Tools run.

Guardrails

Treat missing requirements as gaps, not confirmed vulnerabilities.
Prefer concise, actionable additions over generic best-practice lists.
Lower confidence when the stack or architecture is only partly defined.
Treat this skill as the default planning-stage review pass when codex-sentinel invokes it automatically.