一键导入
security-scan-sharded
Use when asked to find security vulnerabilities, run a security scan, review security fixes, or assess a repository for exploitable issues.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Use when asked to find security vulnerabilities, run a security scan, review security fixes, or assess a repository for exploitable issues.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
Use when asked to audit docs, review docs accuracy, or validate documentation claims against actual code, commands, APIs, configs, and diagrams.
Use when asked to grade, evaluate, assess, score, or review an agent skill's quality.
Use when asked to monitor an upstream repository for new commits, releases, merged PRs, or breaking changes affecting a local fork or wrapper.
Use when asked to find similar projects, existing tools, prior art, libraries, or whether something already exists before building.
Use when asked to update dependencies, upgrade packages, avoid deprecated packages, or fix issues after a dependency update.
基于 SOC 职业分类
| name | security-scan-sharded |
| description | Use when asked to find security vulnerabilities, run a security scan, review security fixes, or assess a repository for exploitable issues. |
| metadata | {"short-description":"Sharded security scan with validated findings"} |
Fan out the scan, then kill false positives before they reach the report.
{file, line, severity, claim, exploit-scenario} — a finding without a concrete exploit scenario is not a finding.npm audit / lockfile diff for known CVEs; flag install scripts (preinstall/postinstall) in deps; flag deps with curl | sh patterns or network access at install time.severity — file:line — exploit scenario — suggested fix.Notes: