一键导入
secure-software-reviewer
Analyzes the codebase (local or remote) for security vulnerabilities, weak coding patterns, and exposure of sensitive data.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Analyzes the codebase (local or remote) for security vulnerabilities, weak coding patterns, and exposure of sensitive data.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | secure-software-reviewer |
| description | Analyzes the codebase (local or remote) for security vulnerabilities, weak coding patterns, and exposure of sensitive data. |
| compatibility | Works with local projects or remote Pull Request URLs. |
| license | MIT |
| resources | ["templates/standards.md"] |
| metadata | {"author":"thiagoevoa","triggers":{"keywords":["review:security","review:vulnerabilities","review:secrets"]}} |
Use this skill to act as a Senior Security Engineer. It performs a comprehensive security audit of your codebase (local or remote) to identify vulnerabilities, hardcoded secrets, and weak security patterns.
Determine if the review is for a Remote Pull Request or Local Full Project Scan:
pr_url is provided or detected, follow the Remote Workflow.mcp_github_pull_request_read tool (if available) to fetch the full file content from the head branch and the diff/patch for the provided PR URL. If the MCP tool is not available, use the gh CLI or REST API via run_shell_command.templates/standards.md.mcp_github_pull_request_review_write tool (if available). If the MCP tool is not available, use the gh CLI or REST API.codebase_investigator subagent for large projects, or iterate through directories sequentially using list_directory and read_file in batches.package.json, pubspec.yaml, Makefile). Run these commands via the shell to gather factual data (failing tests, warnings) to include in your review report. If the commands are not obvious, ask the user.path/to/offending/file.ext[The specific line number][Cite the specific section from templates/standards.md]🔴 Required Improvement: A brief, clear description of the violation.
🛠️ Implementation Example: Suggested Refactor:
// A clean, optimized version of that code that adheres to the standards.Rationale: A one-sentence explanation of why this change is better.
pr_url (string, optional): PR URL for remote review.directory (string, optional): (Local only) Specific directory to scan.severity_threshold (string, optional): Only report issues at or above this level.Expert skill for analyzing and diagnosing issues from Jira, GitHub, and system logs.
Generates comprehensive project documentation (e.g., README.md, API docs, architecture overviews) based on the codebase.
Generates behavior-focused test code (Given-When-Then) for local project files, ensuring 100% coverage and no redundancy.
Analyzes code (local or remote) against Clean Code standards (Meaningful Names, Functions, Objects, Error Handling).
Identifies and suggests architectural design patterns (Creational, Structural, Behavioral) in local or remote code.
Performs a comprehensive code review by analyzing local changes or remote pull requests against Clean Code, SOLID principles, Design Patterns, and Test Code standards.