Run a full security audit on the current project. Use when the user says "security audit", "audit this project", "check for vulnerabilities", or before a release. Runs gitleaks, dependency audit, and code scanning in sequence.
Run a comprehensive security audit: secrets scanning, dependency vulnerabilities, and code-level security review.
- package.json → Node.js project
- pyproject.toml or requirements.txt → Python project

Run gitleaks on the repo:
gitleaks detect --source . --verbose --no-banner 2>&1
brew install gitleaks or skip with warning

Node.js:
pnpm audit --audit-level=moderate 2>&1
Python:
uv run pip-audit 2>&1 || pip-audit 2>&1
Python:
ruff check . 2>&1
if command -v bandit >/dev/null 2>&1; then bandit -r src/ -ll 2>&1; else echo "bandit not installed"; fi
TypeScript:
pnpm lint 2>&1 || echo "no lint script"
Dispatch the appropriate security reviewer agents based on what exists:
- src/api/, routes/, handlers/ → backend-security-reviewer
- src/components/, pages/, app/ → frontend-security-reviewer
- cloud-security-reviewer
- appsec-reviewer

Produce a summary table:
| Category | Tool | Findings | Blockers |
|---|---|---|---|
| Secrets | gitleaks | N | Y/N |
| Dependencies | pnpm audit / pip-audit | N | Y/N |
| Static Analysis | ruff / bandit / eslint | N | Y/N |
| Code Review | security agents | N | Y/N |
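
One way to fill the first three rows of this table from machine-readable tool output, as an added example that is not part of the original skill. It assumes each tool was also run in its JSON output mode, and the blocker policy (any secret blocks; dependency and bandit thresholds mirroring `--audit-level=moderate` and `-ll`) is an assumption; the sample reports are constructed.

```python
import json

# Constructed sample reports, not real scan output. Field names follow the
# JSON modes of gitleaks, pnpm audit and bandit.
GITLEAKS = '[{"RuleID": "generic-api-key", "File": "config/dev.env", "StartLine": 3}]'
PNPM_AUDIT = ('{"metadata": {"vulnerabilities": '
              '{"info": 0, "low": 2, "moderate": 1, "high": 0, "critical": 0}}}')
BANDIT = '{"results": [{"test_id": "B101", "issue_severity": "LOW"}]}'

SEVERITY = ["info", "low", "moderate", "high", "critical"]  # ascending order

def secrets_row(report):
    # An empty report means gitleaks found nothing.
    findings = json.loads(report) if report.strip() else []
    # Assumed policy: any committed secret blocks the release.
    return ("Secrets", "gitleaks", len(findings), len(findings) > 0)

def deps_row(report, threshold="moderate"):
    counts = json.loads(report)["metadata"]["vulnerabilities"]
    total = sum(counts.get(s, 0) for s in SEVERITY)
    # Count only advisories at or above the threshold as blocking.
    at_or_above = SEVERITY[SEVERITY.index(threshold):]
    blocking = sum(counts.get(s, 0) for s in at_or_above)
    return ("Dependencies", "pnpm audit", total, blocking > 0)

def bandit_row(report, blocking=("MEDIUM", "HIGH")):
    results = json.loads(report)["results"]
    # The report here is unfiltered; the -ll threshold is applied in code.
    hits = [r for r in results if r["issue_severity"] in blocking]
    return ("Static Analysis", "bandit", len(results), bool(hits))

def render(rows):
    lines = ["| Category | Tool | Findings | Blockers |", "|---|---|---|---|"]
    for category, tool, count, blocker in rows:
        lines.append(f"| {category} | {tool} | {count} | {'Y' if blocker else 'N'} |")
    return "\n".join(lines)

def summarize():
    return render([secrets_row(GITLEAKS), deps_row(PNPM_AUDIT), bandit_row(BANDIT)])

if __name__ == "__main__":
    print(summarize())
```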