| name | firmware-audit |
| description | Audit firmware and embedded code for security vulnerabilities and best practices. Use when user says "firmware audit", "embedded security", "IoT security check", or working with C/C++/Rust firmware. Checks for hardcoded credentials, buffer overflows, and insecure boot. |
| user-invocable | true |
| allowed-tools | Read, Grep, Glob, Bash |
| context | fork |
| agent | edge-security |
| argument-hint | [target-directory] |
Perform a security audit on firmware/embedded code.
Context
Source files:
!find . -name "*.c" -o -name "*.h" -o -name "*.cpp" -o -name "*.rs" 2>/dev/null | head -20
Build system:
!ls Makefile CMakeLists.txt build.rs Cargo.toml platformio.ini 2>/dev/null
Target: $ARGUMENTS
Instructions
- Scan for hardcoded credentials (passwords, keys, tokens)
- Check for buffer overflow risks (unbounded copies, format strings)
- Verify secure boot and update mechanisms
- Audit communication protocols for encryption and authentication
- Check physical interface security (debug ports, JTAG)
- Generate structured security audit report