Skip to main content
在 Manus 中运行任何 Skill
一键导入

security-logging-and-monitoring-failures

星标2
分支1
更新时间2026年7月9日 12:42

SAST detection methodology for security logging and monitoring failures (CWE-778), including missing logging of security events (auth success/failure, access-control denials, high-value transactions, input-validation failures), logging of secrets/PII/tokens (CWE-532), insufficient log context for forensics (CWE-223), absent alerting/monitoring, and non-tamper-resistant/uncentralized logs. Use when reviewing logging configuration, security-event handlers, and what data is written to logs. Largely a code/config-review class. Writes confirmed findings to findings/42-security-logging-and-monitoring-failures.md.

安装

用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。

SKILL.md
readonly