Audits security and supply-chain risk between two git refs with Codex cross-validation. 预发布安全审计(含 Codex 交叉验证)。Use when performing pre-release security audits, supply-chain reviews, or comparing two git refs for security regressions. Triggers on “预发布审计”, “security audit”, “release audit”, “安全预审”.
This skill compares any two git refs (tag/branch/commit SHA) and audits:
node_modules.github/workflows and build configs (Expo/EAS)The output is a Chinese Markdown report, with a unique title and filename containing the refs to avoid overwrites.
BASE_REF = starting point, TARGET_REF = ending point (release candidate)Ask exactly once before doing any work:
Which two git refs should I compare? (e.g.
v5.19.0→release/v5.20.0, ormain→feature/xxx)
Ask for the missing ref. Do not assume defaults unless the user explicitly says:
security-audit__${BASE_REF_SAFE}__to__${TARGET_REF_SAFE}.mdBASE_REF_SAFE/TARGET_REF_SAFE must replace / with __ (or -) for filesystem safety.# 安全预审报告(${BASE_REF} → ${TARGET_REF})Before starting any audit work, verify that Codex is operational. This is a hard prerequisite — the audit relies on Codex for cross-validation, so a broken Codex means a degraded audit.
Confirm Codex CLI is installed and authenticated. You can verify this by checking whether the codex:codex-rescue subagent type is available for dispatch.
If uncertain, invoke /codex:setup to check readiness.
| Result | Action |
|---|---|
| Codex CLI ready | Log: “✅ Codex 就绪。” Set CODEX_AVAILABLE = true. |
| Codex CLI not installed or not authenticated | Warn user: “⚠️ Codex CLI 未就绪,请运行 /codex:setup 检查配置。审计将以降级模式继续(无交叉验证)。” Set CODEX_AVAILABLE = false. |
Record the Codex status in the report header. Proceed with the audit regardless — Codex enhances but does not gate the audit.
git rev-parse --verify “${BASE_REF}^{commit}”git rev-parse --verify “${TARGET_REF}^{commit}”git status --porcelaingit diff --name-status “${BASE_REF}..${TARGET_REF}”Focus on:
**/*.{js,ts,tsx}**/package.json, yarn.lock.github/workflows/**eas.json, app.json, app.config.*, build scriptspackage.json, compute:
* / latest as High risk^ / ~ as Medium risk (explain why this matters for release determinism)yarn.lock did not, flag as High risk.yarn -vyarn install --immutableyarn install --frozen-lockfileresolutions, patches, non-registry sources, unexpected downloads.yarn audit (if available)osv-scanner against yarn.lock (if available)For each newly added direct dependency:
<pkg>/package.json:
preinstall, install, postinstall scriptsmain, module, exports)bin/, .node)privateKey|mnemonic|seed|keystore|passphraselocalStorage|indexedDB|AsyncStorage|keychain|keystorefetch|axios|XMLHttpRequest|http|https|WebSocket|wseval|new Function|child_process|spawn|execpreinstall|install|postinstallWithin ${BASE_REF}..${TARGET_REF} diffs, prioritize:
Inspect .github/workflows/** and build configs:
uses: ...@latest (High)permissions: for over-broad scopes--ignore-scripts, etc.)Skip this step if CODEX_AVAILABLE = false.
The purpose of this step is to get an independent second opinion from Codex. Codex reviews the same diff without seeing your primary findings, so its conclusions serve as genuine cross-validation — agreement strengthens confidence, disagreement flags areas needing human attention.
Use the Agent tool to dispatch an independent security review to Codex:
Agent(
subagent_type = "codex:codex-rescue",
prompt = "Security audit for OneKey crypto wallet monorepo.
Comparing ${BASE_REF} (${BASE_SHA}) → ${TARGET_REF} (${TARGET_SHA}).
Changed files:
${CHANGED_FILES_LIST}
Full diff:
${FULL_DIFF or chunked sections if too large}
Review focus areas:
1. **Secret/PII leakage** — mnemonic, private key, seed, API key exposure via logs, network, storage
2. **Supply-chain risks** — new/updated dependencies, install scripts, suspicious package behavior
3. **Auth/signing flow changes** — any modification to key handling, transaction signing, vault logic
4. **Network layer** — new RPC endpoints, telemetry, outbound requests, WebSocket changes
5. **Storage layer** — changes to local/secure storage, encryption, keychain access
6. **CI/CD pipeline** — workflow permission changes, unpinned actions, remote script execution
7. **Dynamic execution** — eval, new Function, child_process patterns in new code
For each finding report:
- File path and line number
- Severity: Critical / High / Medium / Low
- Category: secret-leak / supply-chain / auth-bypass / network / storage / ci-cd / dynamic-exec / other
- Description of the risk
- Suggested remediation"
)
If the diff is too large (>50KB), prioritize including in the prompt:
package.json + yarn.lock diffs)The Agent result returns Codex's output as a text string. If the result is empty or the Agent fails, log it and continue without Codex findings.
Extract structured findings from the response. For each finding, record:
Combine findings from the primary audit (Steps C–H) with Codex findings (Step I) into a unified list.
| Scenario | Action | Confidence |
|---|---|---|
| Both found same issue (same file, same category) | Mark {Cross-validated ✅} | Auto-promote to 🔵 High |
| Primary-only finding | Include normally | Keep original assessment |
| Codex-only finding | Include with [Codex] tag, review against source to assign confidence | Default 🟠 Medium, adjust after manual review |
| Conflicting assessment (one says safe, other flags risk) | Include both perspectives, flag for human review | ⚪ Low with note |
When primary and Codex flag the same issue with different descriptions, keep the more detailed description and note both sources. Do not list the same issue twice.
| Tag | Meaning | When to use |
|---|---|---|
| 🔵 High | Confirmed from code or cross-validated | Clear vulnerability, both reviewers agree, or verifiable from source |
| 🟠 Medium | Likely issue, single reviewer or needs context | Pattern suggests risk, might be intentional |
| ⚪ Low | Possible issue, needs human judgment | Heuristic match, conflicting signals, depends on business logic |
Write the report to:
security-audit__${BASE_REF_SAFE}__to__${TARGET_REF_SAFE}.md
# 安全预审报告(${BASE_REF} → ${TARGET_REF})
## 审计概要
- **审计范围**: ${BASE_REF} (${BASE_SHA}) → ${TARGET_REF} (${TARGET_SHA})
- **变更文件数**: X 个文件, +Y / -Z 行
- **Codex 交叉验证**: ✅ 已启用 / ⚠️ 降级模式(原因)
- **审计日期**: YYYY-MM-DD
## 风险总览
| 等级 | 数量 | 交叉验证数 |
|------|------|------------|
| 🔴 Critical | N | M |
| 🟠 High | N | M |
| 🟡 Medium | N | M |
| 🟢 Low | N | M |
## Codex 交叉验证摘要
<!-- REQUIRED if Codex was used, OMIT section if CODEX_AVAILABLE = false -->
| # | 发现 | Primary | Codex | 状态 | 置信度 |
|---|------|---------|-------|------|--------|
| 1 | 问题描述 | ✅ | ✅ | Cross-validated ✅ | 🔵 High |
| 2 | 问题描述 | ✅ | — | 仅 Primary | 🟠 Medium |
| 3 | 问题描述 | — | ✅ | 仅 Codex [已确认] | 🟠 Medium |
**一致性统计**: N 项交叉验证 / M 项仅 Primary / K 项仅 Codex
**Codex 独有发现中确认为真的**: X / K
## 依赖变更分析 (Step C)
...
## Lockfile 确定性检查 (Step D)
...
## 已知漏洞扫描 (Step E)
...
## 新依赖深度检查 (Step F)
...
## 源码安全审查 (Step G)
...
## CI/CD 管道风险 (Step H)
...
## 发现的问题(合并后)
### [🔴 Critical] [🔵 High] 问题标题 {Cross-validated ✅}
**文件**: `path/to/file.tsx:42`
**类型**: secret-leak / supply-chain / auth-bypass / network / storage / ci-cd
**来源**: Primary + Codex
**描述**: 问题描述,风险说明
**证据**:
\```
代码片段
\```
**修复建议**: ...
---
### [🟠 High] [🟠 Medium] 问题标题 [Codex]
**文件**: `path/to/file.tsx:18`
**类型**: ...
**来源**: Codex(已人工确认)
**描述**: ...
**修复建议**: ...
---
## 修复清单
| 优先级 | 置信度 | 文件 | 类型 | 来源 | 描述 |
|--------|--------|------|------|------|------|
| 🔴 Critical | 🔵 High | file1.tsx:42 | secret-leak | Primary+Codex | 描述 |
| 🟠 High | 🟠 Medium | file2.tsx:18 | supply-chain | Codex | 描述 |
## 测试建议
1. 测试场景
2. 测试场景
## 审计方法说明
- Primary 审计: 本地 AI 逐步执行 Steps A–H
- Codex 交叉验证: 通过官方 Codex 插件独立审查同一 diff(Step I)
- 合并策略: 交叉验证提升置信度,冲突标记人工复核(Step J)