Security Review

Archivo del skill

Security Review

Comprehensive security audit. TRIGGER when reviewing code for vulnerabilities, before deployments, when user mentions security, or when changes touch auth/payment/user-data code paths.

eemax0 estrellas24 mar 2026

Ocupación
Categorías: Contratos Inteligentes

Contenido de la habilidad

Perform a security review of the codebase or specified changes.

Process

Identify the scope — specific files, a PR diff, or the full codebase
Work through each category in @CHECKLIST.md
For each finding, record:
- Severity — Critical / High / Medium / Low
- Location — file:line reference
- Issue — What's wrong
- Fix — Specific remediation steps
Summarize findings grouped by severity

Rules

Focus on real vulnerabilities, not theoretical risks
Provide specific fixes, not just warnings
Check for secrets in code, not just logic flaws
Consider the deployment context when rating severity
If no issues found, say so — don't manufacture findings

Gotchas

Don't flag theoretical risks in dead code paths — verify the code is actually reachable