Back to Marketplace
security-audit
Audit codebases and infrastructure for security issues using various tools and techniques.
4,870downloads20installs20stars
v1.0.0
cmdopSecuritycode_review, devops, security3/2/2026
Overview
The security-audit skill is designed to help developers identify and fix security issues in their codebases and infrastructure. It provides a comprehensive set of tools and techniques to scan for vulnerabilities, detect hardcoded secrets, and verify secure coding patterns.
Key Features
- Dependency vulnerability scanning using npm, pip-audit, and other tools
- Secret detection using manual grep patterns and automated scanning with git
- OWASP top 10 vulnerability review
- SSL/TLS verification
- File and directory permission auditing
- Secure coding pattern review
How It Works
The skill provides a set of instructions and commands to execute using various tools and languages. It covers different aspects of security auditing, including dependency vulnerability scanning, secret detection, and secure coding pattern review.
Use Cases
- Scanning project dependencies for known vulnerabilities
- Detecting hardcoded secrets, API keys, or credentials in source code
- Reviewing code for OWASP top 10 vulnerabilities (injection, XSS, CSRF, etc.)
- Verifying SSL/TLS configuration for endpoints
- Auditing file and directory permissions
- Checking authentication and authorization patterns
- Preparing for a security review or compliance audit
Reviews
No reviews yet.