一键导入
security-review
Dedicated security lens over a feature's changed code — read-only. Invoked by review-and-simplify, also usable standalone.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Dedicated security lens over a feature's changed code — read-only. Invoked by review-and-simplify, also usable standalone.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
Ingest a raw source into the project's OKF knowledge bundle — distill it into concept pages, refresh the index, and log the change. keel's compounding "LLM wiki" loop.
Use when implementation is complete, gates pass, and you need to decide how to integrate the work — presents structured options (merge, PR, keep, discard) and handles the chosen workflow, including worktree cleanup. Closes the SDD cycle after review-and-simplify.
Use when executing implementation plans with independent tasks in the current session
Orchestrates the implement-feature, evaluator, fix-runner loop for the active feature until all Criterios de Aceitacao are met and quality gates are green.
Use after the plan is approved to break the active feature's plan into a concrete task checklist, written into specs/<feature>/tasks.md from the tasks template.
Use while implementing a feature that has retries, queues, background jobs, external calls, or any critical path an on-call engineer will need to reason about in production. Invoke when adding a new endpoint, dependency, or async flow, and before considering such a feature done — instrumentation is developed alongside the code, like tests, not bolted on after.
| name | security-review |
| description | Dedicated security lens over a feature's changed code — read-only. Invoked by review-and-simplify, also usable standalone. |
When: invoked by review-and-simplify as one of its parallel lenses, on the feature's diff. Also usable standalone any time a focused security pass is needed.
Scope: the changed code only — the feature's tree-snapshot diff (git diff BASE_TREE HEAD_TREE, per subagent-driven-development's no-commit-rule snapshotting) or, if no snapshots exist, the working tree diff. Never the whole repo.
Output: findings by severity (Critical/Important/Minor) with file:line, reported inline. Makes NO edits.
Same bands as the task-reviewer rubric in subagent-driven-development:
Walk every item against the diff:
CLAUDE.md, ## Security): any check on a field like source, role, type, origin, createdVia, or userGroup that compares against a forbidden value (if (x === 'admin') throw) is a blacklist — new/unexpected values pass through silently. Flag every instance; the fix is if (x !== 'expected-value') throw or !allowedSet.has(x), with an enum preferred over a string literal.Math.random() or similar for tokens/IDs/secrets, weak or homegrown hashing, predictable session/reset tokens.subagent-driven-development's no-commit rule for how snapshots are taken).file:line — severity — description — why it matters.fix-runner or implement-and-evaluate — this skill reviews, it does not patch.Next: findings return to the orchestrator (review-and-simplify), which routes Critical/Important findings to fix-runner/implement-and-evaluate for remediation, then re-invokes this lens.