一键导入
security-audit
Perform a security audit of the codebase. Checks for OWASP Top 10, AI-specific vulnerabilities, dependency issues, and configuration problems.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Perform a security audit of the codebase. Checks for OWASP Top 10, AI-specific vulnerabilities, dependency issues, and configuration problems.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Bump or upgrade declared dependency versions in this pnpm workspace (root and packages/* package.json), with supply-chain checks before and after install. Use when the user asks to upgrade, bump, or refresh npm dependencies in manifests—not only the lockfile.
Check license compatibility, data privacy compliance, and AI ethics. Use when adding dependencies, handling user data, or reviewing regulatory requirements.
Deploy the application or manage infrastructure. Handles Docker builds, CI/CD, and deployment workflows.
Design a UI component with specifications for layout, states, interactions, and accessibility. Use when creating new Vue.js components or redesigning existing ones.
Implement a feature or fix a bug following the project's TypeScript patterns and conventions. Use when code changes are needed.
Produce a structured delegation plan for parallel agent execution. Takes a task description or plan output, analyzes dependencies, assigns agents, and groups tasks for parallel execution. Use after /plan-task or when you need to plan how to delegate work across agents.
| name | security-audit |
| description | Perform a security audit of the codebase. Checks for OWASP Top 10, AI-specific vulnerabilities, dependency issues, and configuration problems. |
| argument-hint | [scope: 'full', 'dependencies', 'ai-agents', or specific file paths] |
| context | fork |
| agent | security |
| allowed-tools | Bash(pnpm audit*), Bash(grep *), Bash(git *) |
Perform a security audit with the following scope:
$ARGUMENTS
pnpm audit
Review all known vulnerabilities in dependencies.
Scan for common vulnerability patterns:
Review the secure_agent pattern and verify:
Produce a security report with findings classified by severity:
Each finding includes: location, vulnerability, impact, and remediation steps.