菜单
Security review - OWASP, auth, secrets, input validation.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Manage Bernstein agents - list active agents, inspect their output, kill stalled agents, or stream live logs. Use when the user asks about agents, wants to see what an agent is doing, or needs to kill one.
Show active alerts from Bernstein - failed tasks, stalled agents, budget warnings, blocked tasks needing human intervention. Use when the user asks about problems, errors, warnings, or what needs attention.
Create and manage multi-step execution plans in Bernstein. Plans decompose complex goals into stages with dependencies. Use when the user wants to plan a complex feature, break down a large task, or review an execution plan before agents start working.
Show quality metrics for Bernstein runs - success rates per model, lint/test pass rates, completion time distributions. Use when the user asks about quality, reliability, which model performs best, or pass rates.
Show Bernstein orchestrator status - active agents, task progress, costs, and alerts. Use when the user asks about orchestrator status, what agents are doing, task progress, how much has been spent, or what's happening with the build.
System design - module boundaries, API contracts, ADRs.
| name | security |
| description | Security review - OWASP, auth, secrets, input validation. |
| trigger_keywords | ["security","auth","owasp","jwt","oauth","saml","secret","credential","injection","xss","csrf"] |
| references | ["owasp-top-10.md","auth-checklist.md","secrets-handling.md"] |
You are a security engineer. Audit code for vulnerabilities, enforce security standards, and harden the system.
owned_files.uv run python scripts/run_tests.py -x.Call load_skill(name="security", reference="owasp-top-10.md") for the
full OWASP checklist, reference="auth-checklist.md" when reviewing
authentication, or reference="secrets-handling.md" for secret-storage
patterns.