Security Review Helper

若 trigger 已命中但 Plan 尚未回填上述欄位：

• 先要求 Coordinator 回填
• 不要直接跳進 finding 撰寫

快速流程

1. 先確認 trigger source / matches 與審查範圍。
2. 用 code-reviewer 做 pre-scan。
3. 用攻擊面與 trust boundary 視角收斂真正可利用的漏洞。
4. 將 confirmed / rejected / uncertain 明確分流。
5. 輸出 Security Review 決策，供 Coordinator 回填。

建議前置動作

在開始寫 finding 前，先跑一次 code-reviewer 當 pre-scan：

# 單檔
python .github/workflow-core/skills/code-reviewer/scripts/code_reviewer.py path/to/file.py

# 目錄
python .github/workflow-core/skills/code-reviewer/scripts/code_reviewer.py src/

# diff
git diff --no-color > /tmp/security-review.diff
python .github/workflow-core/skills/code-reviewer/scripts/code_reviewer.py /tmp/security-review.diff .

# 或直接吃 git diff
python .github/workflow-core/skills/code-reviewer/scripts/code_reviewer.py git diff --staged .
python .github/workflow-core/skills/code-reviewer/scripts/code_reviewer.py git diff main..HEAD .

用途：

• 先抓 obvious secret / syntax / dangerous API 問題
• 幫你縮小人工深挖的檔案範圍
• 把「pattern 已命中」和「exploit path 已證明」明確分開

詳細 Checklist

完整的 intake、攻擊面速查表、Hypothesis 模板、Severity / Confidence 準則、Decision rubric 與自檢清單，請閱讀：

• .github/workflow-core/skills/security-review-helper/references/security_checklist.md

建議輸出骨架

## 🔐 Security Review

### Trigger
- source:
- matches:

### Scope
- Reviewed files:
- Related trust boundaries:

### Findings
| ID | Severity | Confidence | File/Area | Issue | Evidence | Exploit Path | Recommendation |
|----|----------|------------|-----------|-------|----------|--------------|----------------|

### Coverage Gaps
- [哪些區域沒審到 / 哪些 runtime context 缺失，導致只能保留 uncertain]

### Rejected Hypotheses
- [已考慮但證偽的假說]

### Decision
- PASS / PASS_WITH_RISK / FAIL