一键导入
security-review
Deep security analysis delegated to the security-reviewer agent. Checks auth, injection, secrets, dependencies, and reports with severity ratings.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Deep security analysis delegated to the security-reviewer agent. Checks auth, injection, secrets, dependencies, and reports with severity ratings.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
UI/UX design intelligence with searchable database
Generate comprehensive implementation plans through systematic discovery, synthesis, verification, and decomposition into beads. Use when asked to plan a feature, create a roadmap, design an implementation approach, or decompose work into trackable issues. Do NOT use for simple one-step tasks, quick fixes, or when the user just wants to execute an existing plan — use the work skill instead.
Execute a plan or direct task with worker delegation and verification.
Deep investigation mode. Gather context, analyze, synthesize recommendations without making code changes.
Fetch up-to-date library documentation via Context7 MCP. Use when working with external libraries, APIs, or frameworks.
Start interview-driven planning with Prometheus. Asks clarifying questions before generating implementation plan.
| name | security-review |
| description | Deep security analysis delegated to the security-reviewer agent. Checks auth, injection, secrets, dependencies, and reports with severity ratings. |
| argument-hint | [<files or feature area> | --diff [range]] |
| allowed-tools | Read, Grep, Glob, Bash, Task, TeamCreate, TeamDelete, SendMessage, AskUserQuestion |
| disable-model-invocation | true |
Spawn a
security-revieweragent to perform deep security analysis of code. Reports findings with severity ratings and file:line evidence. Read-only — no code changes.
<files or feature area> — Specific files or area to review (e.g., src/auth/, api routes)--diff [range] — Review recent changes (default: HEAD~1..HEAD)security-reviewer agent.Based on the argument:
Specific files/area:
--diff [range]:
git diff {range} --name-only to get changed filesgit diff {range} to get the full diffNo argument:
git diff --name-only and git diff --cached --name-onlygit diff HEAD~1..HEAD --name-onlyRecord the scope for the report header.
TeamCreate(team_name: "security-review", description: "Security analysis of {scope description}")
Spawn the security-reviewer agent with a task describing:
Wait for the agent to complete its review and produce a structured report.
Run ecosystem-specific audit in parallel with the agent review:
# JavaScript/TypeScript
if [[ -f "package.json" ]]; then
bun audit 2>/dev/null || npm audit 2>/dev/null || echo "SKIP: No audit tool available"
fi
# Python
if [[ -f "requirements.txt" ]] || [[ -f "pyproject.toml" ]]; then
pip audit 2>/dev/null || echo "SKIP: pip-audit not installed"
fi
# Go
if [[ -f "go.mod" ]]; then
govulncheck ./... 2>/dev/null || echo "SKIP: govulncheck not installed"
fi
# Other ecosystems
echo "SKIP: No supported audit tool detected"
Combine the agent's findings with dependency audit results into a unified report:
## Security Review Report
**Scope**: `{scope description}`
**Reviewed**: {current date}
---
### Verdict: SECURE | CONCERNS | CRITICAL
### Severity Summary
- Critical: N
- High: N
- Medium: N
- Low: N
### Findings
#### [CRITICAL|HIGH|MEDIUM|LOW] Finding Title
- **File**: `path/to/file.ts:42`
- **Category**: [Authentication|Authorization|Injection|Secrets|Dependencies|Data Exposure|Configuration]
- **Description**: What the vulnerability is
- **Impact**: What an attacker could do
- **Recommendation**: How to fix it
- **Evidence**: Relevant code snippet or pattern
### Dependency Audit
- Status: [PASS|CONCERNS|SKIP]
- Details: [audit output summary]
### Files Reviewed
- `path/to/file.ts` — [summary]
### Recommendations Priority
1. [Most critical fix first]
2. [Next priority]
TeamDelete(reason: "Security review complete")
TeamDelete cleanup: If TeamDelete fails, fall back to: rm -rf ~/.claude/teams/{team-name} ~/.claude/tasks/{team-name}
| Severity | Criteria |
|---|---|
| Critical | Exploitable vulnerability with high impact (RCE, auth bypass, data breach) |
| High | Significant vulnerability requiring attacker effort (stored XSS, SQL injection with limited scope) |
| Medium | Vulnerability with mitigating factors (reflected XSS, information disclosure) |
| Low | Best practice violation or hardening opportunity (missing headers, verbose errors) |
/review instead/review or /ultraqa