# Security Audit Skill

Detect common security vulnerabilities during code review and development. Based on OWASP guidelines and common vulnerability patterns.

## Design Principle

This skill is **framework-generic**. It provides universal security patterns:

- Covers OWASP Top 10 and common CWEs
- Works with Python, TypeScript, and other languages
- Project-specific security requirements go in project-specific skills

## Variables

| Variable | Default | Description |
|----------|---------|-------------|
| SEVERITY THRESHOLD | medium | Minimum severity to report |
| SCAN DEPTH | 3 | Directory depth for scan… |

, directory):\n raise ValueError(\"Invalid directory name\")\nsubprocess.run([\"ls\", directory])\n```\n\n### Path Traversal (CWE-22)\n\n**BAD - User input in paths:**\n```python\n# VULNERABLE\npath = f\"/uploads/{user_filename}\"\nwith open(path) as f:\n return f.read()\n```\n\n**GOOD - Validate and sanitize:**\n```python\n# SAFE\nfrom pathlib import Path\n\nupload_dir = Path(\"/uploads\").resolve()\nrequested = (upload_dir / user_filename).resolve()\n\nif not requested.is_relative_to(upload_dir):\n raise ValueError(\"Path traversal attempt\")\n\nwith open(requested) as f:\n return f.read()\n```\n\n### Hardcoded Secrets (CWE-798)\n\n**BAD - Secrets in code:**\n```python\n# VULNERABLE\nAPI_KEY = \"sk-1234567890abcdef\"\nDB_PASSWORD = \"super_secret_password\"\n```\n\n**GOOD - Environment variables:**\n```python\n# SAFE\nimport os\n\nAPI_KEY = os.environ[\"API_KEY\"]\nDB_PASSWORD = os.environ[\"DB_PASSWORD\"]\n\n# Or with defaults for development\nAPI_KEY = os.getenv(\"API_KEY\", \"dev-key-only\")\n```\n\n### XSS (CWE-79)\n\n**BAD - Unsanitized output:**\n```html\n\u003c!-- VULNERABLE -->\n\u003cdiv>{{ user_input }}\u003c/div>\n```\n\n**GOOD - Proper escaping:**\n```html\n\u003c!-- SAFE - auto-escaped in most frameworks -->\n\u003cdiv>{{ user_input | e }}\u003c/div>\n\n\u003c!-- Or use textContent in JS -->\nelement.textContent = userInput; // Safe\n```\n\n## Severity Levels\n\n| Severity | Impact | Examples |\n|----------|--------|----------|\n| CRITICAL | Data breach, RCE | SQL injection, shell injection |\n| HIGH | Data exposure, privilege escalation | Path traversal, hardcoded secrets |\n| MEDIUM | Information disclosure | Verbose errors, bare excepts |\n| LOW | Best practice violation | Missing input validation |\n\n## Detection Patterns\n\n### Python Patterns to Search\n\n```python\nVULNERABLE_PATTERNS = {\n \"sql_injection\": [\n r'execute\\([\\'\"].*%s.*[\\'\"].*%', # % formatting in SQL\n r'execute\\(f[\\'\"]', # f-string in SQL\n r'execute\\([\\'\"].*\\+', 
# String concat in SQL\n ],\n \"shell_injection\": [\n r'os\\.system\\(', # os.system\n r'subprocess\\..*shell=True', # shell=True\n r'eval\\(', # eval\n r'exec\\(', # exec\n ],\n \"bare_except\": [\n r'except\\s*:', # bare except\n ],\n \"hardcoded_secrets\": [\n r'password\\s*=\\s*[\\'\"]', # password = \"...\"\n r'api_key\\s*=\\s*[\\'\"]', # api_key = \"...\"\n r'secret\\s*=\\s*[\\'\"]', # secret = \"...\"\n ],\n}\n```\n\n### TypeScript Patterns to Search\n\n```typescript\nconst VULNERABLE_PATTERNS = {\n sqlInjection: [\n /`SELECT.*\\$\\{/, // Template literal in SQL\n /\"SELECT.*\" \\+ /, // String concat in SQL\n ],\n xss: [\n /innerHTML\\s*=/, // innerHTML assignment\n /dangerouslySetInnerHTML/, // React dangerous prop\n ],\n shellInjection: [\n /exec\\([`'\"]/, // child_process.exec\n /spawn\\(.*shell:\\s*true/, // shell: true\n ],\n};\n```\n\n## Audit Workflow\n\n### Step 1: Identify Sensitive Areas\n\n```markdown\nCheck these high-risk areas first:\n- Authentication/authorization code\n- Database queries\n- File operations\n- External API calls\n- User input handling\n- Serialization/deserialization\n```\n\n### Step 2: Run Pattern Scan\n\n```markdown\nFor each source file:\n Match against vulnerability patterns\n Record file, line, pattern matched\n Assess severity\n```\n\n### Step 3: Generate Report\n\n```markdown\n# Security Audit Report\n\n## Summary\n- CRITICAL: 2\n- HIGH: 5\n- MEDIUM: 12\n\n## Critical Issues\n\n### 1. SQL Injection in user_service.py:45\nPattern: f-string in execute()\n```python\ncursor.execute(f\"SELECT * FROM users WHERE id = {user_id}\")\n```\n\n**Fix**: Use parameterized query\n```python\ncursor.execute(\"SELECT * FROM users WHERE id = %s\", (user_id,))\n```\n```\n\n## Integration\n\n### With /ai-dev-kit:execute-lane\n\nRun security audit in code-related lanes:\n\n```markdown\nLane: SL-API\n\nPost-implementation checks:\n1. ✓ Tests pass\n2. ✓ Lint clean\n3. 
⚠️ Security audit: 2 MEDIUM issues\n\nReview security findings before merge.\n```\n\n### CI Integration\n\n```yaml\n- name: Security Audit\n run: |\n # Check for vulnerable patterns\n grep -rn \"execute(f\" --include=\"*.py\" && exit 1 || true\n grep -rn \"shell=True\" --include=\"*.py\" && exit 1 || true\n grep -rn \"except:\" --include=\"*.py\" && echo \"Warning: bare except found\"\n```\n\n## Best Practices\n\n1. **Defense in depth**: Multiple layers of security\n2. **Least privilege**: Minimum permissions needed\n3. **Input validation**: Validate all external input\n4. **Output encoding**: Escape output appropriately\n5. **Secrets management**: Never hardcode secrets\n6. **Error handling**: Don't expose internal details\n7. **Logging**: Log security events (not sensitive data)\n8. **Updates**: Keep dependencies updated\n---","attachment_filenames":["cookbook/bare-except.md","cookbook/sql-injection.md","skill-report.json"],"attachments":[{"filename":"cookbook/bare-except.md","content":"# Bare Except Handling Cookbook\n\nHow to properly handle exceptions instead of using bare `except:` blocks.\n\n## Why Bare Except is Bad\n\n```python\n# BAD: Catches EVERYTHING including:\ntry:\n do_something()\nexcept: # \u003c-- bare except\n pass\n\n# This catches:\n# - KeyboardInterrupt (Ctrl+C)\n# - SystemExit (sys.exit())\n# - GeneratorExit\n# - Actual bugs you want to see\n# - All the exceptions you didn't anticipate\n```\n\n## The Problems\n\n### 1. Hides Bugs\n\n```python\n# BAD: Bug is hidden\ndef calculate(x, y):\n try:\n result = x / y # ZeroDivisionError hidden!\n return rezult # NameError hidden!\n except:\n return 0\n```\n\n### 2. Prevents Interruption\n\n```python\n# BAD: Can't Ctrl+C out of this\ntry:\n while True:\n do_work()\nexcept: # Catches KeyboardInterrupt!\n pass\n```\n\n### 3. Silently Fails\n\n```python\n# BAD: No idea what went wrong\ntry:\n complex_operation()\nexcept:\n return default_value # What failed? 
Why?\n```\n\n## Proper Exception Handling\n\n### Catch Specific Exceptions\n\n```python\n# GOOD: Catch specific exceptions\ntry:\n result = int(user_input)\nexcept ValueError:\n print(\"Please enter a valid number\")\nexcept TypeError:\n print(\"Input must be a string\")\n```\n\n### Multiple Exceptions\n\n```python\n# GOOD: Multiple specific exceptions\ntry:\n data = fetch_and_parse(url)\nexcept ConnectionError:\n log.warning(\"Network issue, retrying...\")\n data = retry_fetch(url)\nexcept json.JSONDecodeError:\n log.error(\"Invalid JSON response\")\n data = None\nexcept TimeoutError:\n log.error(\"Request timed out\")\n raise\n```\n\n### Catch Base Exception Class\n\n```python\n# ACCEPTABLE: When you really need to catch all\ntry:\n risky_operation()\nexcept Exception as e: # Not BaseException\n log.error(f\"Operation failed: {e}\")\n # Still allows KeyboardInterrupt, SystemExit\n\n# RARELY NEEDED: BaseException\ntry:\n critical_cleanup()\nexcept BaseException as e:\n # Document WHY you need this\n log.critical(f\"Cleanup failed: {e}\")\n raise # Re-raise after logging\n```\n\n### Re-raise After Handling\n\n```python\n# GOOD: Log then re-raise\ntry:\n important_operation()\nexcept SomeError as e:\n log.error(f\"Failed: {e}\")\n notify_admin(e)\n raise # Let it propagate\n```\n\n### Transform Exceptions\n\n```python\n# GOOD: Wrap in domain exception\nclass ServiceError(Exception):\n pass\n\ntry:\n response = api_call()\nexcept ConnectionError as e:\n raise ServiceError(f\"API unreachable: {e}\") from e\nexcept json.JSONDecodeError as e:\n raise ServiceError(f\"Invalid response: {e}\") from e\n```\n\n## Detection Pattern\n\n```python\n# Regex to find bare excepts\nBARE_EXCEPT_PATTERN = r'except\\s*:'\n\n# To find in codebase\ngrep -rn \"except:\" --include=\"*.py\" .\n```\n\n## Remediation Examples\n\n### Before/After: File Operations\n\n```python\n# BEFORE (bad)\ndef read_config():\n try:\n with open(\"config.json\") as f:\n return json.load(f)\n except:\n return 
{}\n\n# AFTER (good)\ndef read_config():\n try:\n with open(\"config.json\") as f:\n return json.load(f)\n except FileNotFoundError:\n log.info(\"No config file, using defaults\")\n return {}\n except json.JSONDecodeError as e:\n log.error(f\"Invalid config JSON: {e}\")\n raise ConfigurationError(f\"Malformed config: {e}\") from e\n except PermissionError:\n log.error(\"Cannot read config file: permission denied\")\n raise\n```\n\n### Before/After: API Calls\n\n```python\n# BEFORE (bad)\ndef fetch_data(url):\n try:\n response = requests.get(url)\n return response.json()\n except:\n return None\n\n# AFTER (good)\ndef fetch_data(url):\n try:\n response = requests.get(url, timeout=10)\n response.raise_for_status()\n return response.json()\n except requests.Timeout:\n log.warning(f\"Request to {url} timed out\")\n return None\n except requests.HTTPError as e:\n log.warning(f\"HTTP error from {url}: {e.response.status_code}\")\n return None\n except requests.RequestException as e:\n log.error(f\"Failed to fetch {url}: {e}\")\n return None\n except json.JSONDecodeError:\n log.error(f\"Invalid JSON from {url}\")\n return None\n```\n\n### Before/After: Database Operations\n\n```python\n# BEFORE (bad)\ndef save_user(user):\n try:\n db.add(user)\n db.commit()\n except:\n db.rollback()\n\n# AFTER (good)\ndef save_user(user):\n try:\n db.add(user)\n db.commit()\n except IntegrityError as e:\n db.rollback()\n if \"unique constraint\" in str(e):\n raise DuplicateUserError(f\"User already exists: {user.email}\")\n raise\n except OperationalError as e:\n db.rollback()\n log.error(f\"Database error: {e}\")\n raise DatabaseError(\"Failed to save user\") from e\n```\n\n## Exception Hierarchy\n\nKnow the Python exception hierarchy:\n\n```\nBaseException\n├── BaseExceptionGroup\n├── GeneratorExit\n├── KeyboardInterrupt\n├── SystemExit\n└── Exception \u003c-- Catch this for \"normal\" errors\n ├── ArithmeticError\n │ ├── FloatingPointError\n │ ├── OverflowError\n │ └── 
ZeroDivisionError\n ├── AssertionError\n ├── AttributeError\n ├── BufferError\n ├── EOFError\n ├── ImportError\n │ └── ModuleNotFoundError\n ├── LookupError\n │ ├── IndexError\n │ └── KeyError\n ├── MemoryError\n ├── NameError\n │ └── UnboundLocalError\n ├── OSError\n │ ├── ConnectionError\n │ ├── FileExistsError\n │ ├── FileNotFoundError\n │ ├── PermissionError\n │ └── TimeoutError\n ├── RuntimeError\n │ └── RecursionError\n ├── StopIteration\n ├── SyntaxError\n ├── TypeError\n └── ValueError\n```\n\n## Best Practices\n\n1. **Be specific**: Catch the narrowest exception possible\n2. **Log it**: Always log what went wrong\n3. **Re-raise when appropriate**: Don't swallow exceptions silently\n4. **Use `from e`**: Preserve exception chain with `raise X from e`\n5. **Document handlers**: Comment why you're catching each exception\n6. **Test error paths**: Write tests for exception handling\n","content_type":"text/markdown; charset=utf-8","language":"markdown","size":6282,"content_sha256":"55db432538f1b0fae86acb35e71408f0136bbb8de3d5693a8b804d073393dfc1"},{"filename":"cookbook/sql-injection.md","content":"# SQL Injection Prevention Cookbook\n\nHow to prevent SQL injection vulnerabilities in your code.\n\n## Understanding SQL Injection\n\nSQL injection occurs when user input is included directly in SQL queries without proper sanitization or parameterization.\n\n### The Attack\n\n```python\n# User input\nuser_input = \"'; DROP TABLE users; --\"\n\n# Vulnerable code\nquery = f\"SELECT * FROM users WHERE name = '{user_input}'\"\n# Results in: SELECT * FROM users WHERE name = ''; DROP TABLE users; --'\n```\n\n## Prevention Patterns\n\n### Python + SQLAlchemy\n\n```python\n# BAD - String formatting\nsession.execute(f\"SELECT * FROM users WHERE id = {user_id}\")\nsession.execute(\"SELECT * FROM users WHERE name = '%s'\" % name)\n\n# GOOD - Use ORM methods\nuser = session.query(User).filter(User.id == user_id).first()\nusers = session.query(User).filter(User.name == 
name).all()\n\n# GOOD - Parameterized raw SQL when needed\nfrom sqlalchemy import text\nresult = session.execute(\n text(\"SELECT * FROM users WHERE id = :user_id\"),\n {\"user_id\": user_id}\n)\n```\n\n### Python + psycopg2\n\n```python\nimport psycopg2\n\n# BAD - String formatting\ncursor.execute(f\"SELECT * FROM users WHERE id = {user_id}\")\ncursor.execute(\"SELECT * FROM users WHERE name = '\" + name + \"'\")\n\n# GOOD - Parameterized query (tuple)\ncursor.execute(\"SELECT * FROM users WHERE id = %s\", (user_id,))\n\n# GOOD - Named parameters (dict)\ncursor.execute(\n \"SELECT * FROM users WHERE name = %(name)s AND age > %(age)s\",\n {\"name\": name, \"age\": min_age}\n)\n```\n\n### Python + SQLite\n\n```python\nimport sqlite3\n\n# BAD\ncursor.execute(f\"SELECT * FROM users WHERE id = {user_id}\")\n\n# GOOD - Parameterized query\ncursor.execute(\"SELECT * FROM users WHERE id = ?\", (user_id,))\n\n# GOOD - Named parameters\ncursor.execute(\n \"SELECT * FROM users WHERE name = :name\",\n {\"name\": name}\n)\n```\n\n### TypeScript + Prisma\n\n```typescript\n// BAD - Raw query with interpolation\nawait prisma.$queryRaw`SELECT * FROM users WHERE id = ${userId}`; // Actually safe!\nawait prisma.$queryRawUnsafe(`SELECT * FROM users WHERE id = ${userId}`); // UNSAFE!\n\n// GOOD - Prisma methods\nconst user = await prisma.user.findUnique({ where: { id: userId } });\nconst users = await prisma.user.findMany({\n where: { name: { equals: name } }\n});\n\n// GOOD - Tagged template (safe in Prisma)\nawait prisma.$queryRaw`SELECT * FROM users WHERE id = ${userId}`;\n```\n\n### TypeScript + Node-Postgres\n\n```typescript\nimport { Pool } from 'pg';\n\n// BAD\nawait pool.query(`SELECT * FROM users WHERE id = ${userId}`);\n\n// GOOD - Parameterized query\nawait pool.query('SELECT * FROM users WHERE id = $1', [userId]);\n\n// GOOD - Named parameters (with helper)\nawait pool.query({\n text: 'SELECT * FROM users WHERE id = $1 AND name = $2',\n values: [userId, 
name]\n});\n```\n\n## Detection Patterns\n\n### Regex Patterns (for scanning)\n\n```python\nVULNERABLE_PATTERNS = [\n # f-strings in execute\n r'execute\\(f[\"\\']',\n r'execute\\(f`',\n\n # String concatenation in execute\n r'execute\\([\"\\'].*\\+',\n r'execute\\(.*\\+\\s*[\"\\']',\n\n # % formatting in execute\n r'execute\\([\"\\'].*%[sd]',\n r'execute\\([\"\\'].*%\\s*\\(',\n\n # .format() in execute\n r'execute\\([\"\\'].*\\.format\\(',\n\n # Unsafe raw queries\n r'\\$queryRawUnsafe',\n r'raw_sql\\s*=\\s*f[\"\\']',\n]\n```\n\n### Static Analysis Tools\n\n```bash\n# Python - bandit\npip install bandit\nbandit -r src/ -f json\n\n# JavaScript/TypeScript - eslint-plugin-security\nnpm install eslint-plugin-security\n# Add to .eslintrc: plugins: ['security']\n\n# SQL - sqlfluff\npip install sqlfluff\nsqlfluff lint my_queries.sql\n```\n\n## Remediation Examples\n\n### Before/After: Simple Query\n\n```python\n# BEFORE (vulnerable)\ndef get_user(user_id):\n query = f\"SELECT * FROM users WHERE id = {user_id}\"\n return cursor.execute(query).fetchone()\n\n# AFTER (safe)\ndef get_user(user_id):\n query = \"SELECT * FROM users WHERE id = %s\"\n return cursor.execute(query, (user_id,)).fetchone()\n```\n\n### Before/After: Search Query\n\n```python\n# BEFORE (vulnerable)\ndef search_users(name, email):\n query = f\"\"\"\n SELECT * FROM users\n WHERE name LIKE '%{name}%'\n AND email LIKE '%{email}%'\n \"\"\"\n return cursor.execute(query).fetchall()\n\n# AFTER (safe)\ndef search_users(name, email):\n query = \"\"\"\n SELECT * FROM users\n WHERE name LIKE %s\n AND email LIKE %s\n \"\"\"\n return cursor.execute(query, (f\"%{name}%\", f\"%{email}%\")).fetchall()\n```\n\n### Before/After: Dynamic Columns\n\n```python\n# BEFORE (vulnerable - column names can be injected)\ndef get_user_field(user_id, field):\n query = f\"SELECT {field} FROM users WHERE id = %s\"\n return cursor.execute(query, (user_id,)).fetchone()\n\n# AFTER (safe - whitelist column names)\nALLOWED_FIELDS = 
{'name', 'email', 'created_at'}\n\ndef get_user_field(user_id, field):\n if field not in ALLOWED_FIELDS:\n raise ValueError(f\"Invalid field: {field}\")\n query = f\"SELECT {field} FROM users WHERE id = %s\"\n return cursor.execute(query, (user_id,)).fetchone()\n```\n\n### Before/After: IN Clause\n\n```python\n# BEFORE (vulnerable)\ndef get_users_by_ids(ids):\n ids_str = \",\".join(str(id) for id in ids)\n query = f\"SELECT * FROM users WHERE id IN ({ids_str})\"\n return cursor.execute(query).fetchall()\n\n# AFTER (safe)\ndef get_users_by_ids(ids):\n placeholders = \",\".join([\"%s\"] * len(ids))\n query = f\"SELECT * FROM users WHERE id IN ({placeholders})\"\n return cursor.execute(query, tuple(ids)).fetchall()\n```\n\n## Edge Cases\n\n### ORDER BY / LIMIT\n\n```python\n# These can't be parameterized directly\n# Use whitelist validation\n\nALLOWED_ORDER = {'name', 'created_at', 'id'}\nALLOWED_DIRECTION = {'ASC', 'DESC'}\n\ndef get_users_sorted(order_by, direction, limit):\n if order_by not in ALLOWED_ORDER:\n order_by = 'id'\n if direction.upper() not in ALLOWED_DIRECTION:\n direction = 'ASC'\n if not isinstance(limit, int) or limit \u003c 1:\n limit = 10\n\n query = f\"SELECT * FROM users ORDER BY {order_by} {direction} LIMIT %s\"\n return cursor.execute(query, (limit,)).fetchall()\n```\n\n### Table Names\n\n```python\n# Table names can't be parameterized\n# Use whitelist validation\n\nALLOWED_TABLES = {'users', 'posts', 'comments'}\n\ndef get_from_table(table_name, id):\n if table_name not in ALLOWED_TABLES:\n raise ValueError(f\"Invalid table: {table_name}\")\n query = f\"SELECT * FROM {table_name} WHERE id = %s\"\n return cursor.execute(query, (id,)).fetchall()\n```\n\n## Testing for SQL Injection\n\n### Manual Tests\n\n```python\n# Test payloads\nPAYLOADS = [\n \"' OR '1'='1\",\n \"'; DROP TABLE users; --\",\n \"1; UPDATE users SET role='admin' WHERE id=1; --\",\n \"' UNION SELECT * FROM passwords --\",\n]\n\nfor payload in PAYLOADS:\n try:\n result = 
vulnerable_function(payload)\n print(f\"Possible vulnerability: {payload}\")\n except Exception as e:\n print(f\"Blocked or error: {e}\")\n```\n\n### Automated Testing\n\n```bash\n# sqlmap for comprehensive testing\nsqlmap -u \"http://localhost/api/users?id=1\" --batch --dbs\n\n# Custom pytest\npytest tests/security/test_sql_injection.py -v\n```\n","content_type":"text/markdown; charset=utf-8","language":"markdown","size":7031,"content_sha256":"ca88acc4a744c79424d1439f07c5756613a9703399c41035486c5ecbc6df388d"},{"filename":"skill-report.json","content":"{\n \"schema_version\": \"2.0\",\n \"meta\": {\n \"generated_at\": \"2026-01-16T22:44:30.160Z\",\n \"slug\": \"consiliency-security-audit\",\n \"source_url\": \"https://github.com/Consiliency/treesitter-chunker/tree/main/.ai-dev-kit/skills/security-audit\",\n \"source_ref\": \"main\",\n \"model\": \"claude\",\n \"analysis_version\": \"3.0.0\",\n \"source_type\": \"community\",\n \"content_hash\": \"3dba518b2cfa5e86bc89c3b719544f0f92cb9b536579502be985217035855ebc\",\n \"tree_hash\": \"f11ee32c18240ee53a42710bd2919459d33b9a65c0b6a35dd1188f4c63259f7b\"\n },\n \"skill\": {\n \"name\": \"security-audit\",\n \"description\": \"Detect common security vulnerabilities in code. Covers OWASP patterns, SQL injection, bare excepts, shell injection. Framework-agnostic.\",\n \"summary\": \"Detect common security vulnerabilities in code. 
Covers OWASP patterns, SQL injection, bare excepts, ...\",\n \"icon\": \"🔒\",\n \"version\": \"1.0.0\",\n \"author\": \"Consiliency\",\n \"license\": \"MIT\",\n \"category\": \"security\",\n \"tags\": [\n \"security\",\n \"vulnerability\",\n \"audit\",\n \"owasp\",\n \"code-review\"\n ],\n \"supported_tools\": [\n \"claude\",\n \"codex\",\n \"claude-code\"\n ],\n \"risk_factors\": [\n \"external_commands\",\n \"network\",\n \"filesystem\",\n \"env_access\"\n ]\n },\n \"security_audit\": {\n \"risk_level\": \"safe\",\n \"is_blocked\": false,\n \"safe_to_publish\": true,\n \"summary\": \"Educational documentation skill teaching security vulnerability detection. Contains only code examples showing VULNERABLE patterns (marked BAD) and SAFE alternatives. No executable code, no network calls, no file access beyond its own documentation files. Static findings are false positives caused by educational examples of vulnerabilities being flagged as if they were malicious code.\",\n \"risk_factor_evidence\": [\n {\n \"factor\": \"external_commands\",\n \"evidence\": [\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 3,\n \"line_end\": 3\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 7,\n \"line_end\": 20\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 20,\n \"line_end\": 26\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 26,\n \"line_end\": 34\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 34,\n \"line_end\": 38\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 38,\n \"line_end\": 45\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 45,\n \"line_end\": 49\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 49,\n \"line_end\": 55\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 55,\n \"line_end\": 61\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 61,\n \"line_end\": 69\n },\n {\n \"file\": 
\"cookbook/bare-except.md\",\n \"line_start\": 69,\n \"line_end\": 73\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 73,\n \"line_end\": 86\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 86,\n \"line_end\": 90\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 90,\n \"line_end\": 105\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 105,\n \"line_end\": 109\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 109,\n \"line_end\": 117\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 117,\n \"line_end\": 121\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 121,\n \"line_end\": 132\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 132,\n \"line_end\": 136\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 136,\n \"line_end\": 142\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 142,\n \"line_end\": 148\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 148,\n \"line_end\": 171\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 171,\n \"line_end\": 175\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 175,\n \"line_end\": 202\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 202,\n \"line_end\": 206\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 206,\n \"line_end\": 229\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 229,\n \"line_end\": 235\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 235,\n \"line_end\": 270\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 270,\n \"line_end\": 277\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 277,\n \"line_end\": 277\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 11,\n \"line_end\": 18\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 
18,\n \"line_end\": 24\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 24,\n \"line_end\": 39\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 39,\n \"line_end\": 43\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 43,\n \"line_end\": 58\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 58,\n \"line_end\": 62\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 62,\n \"line_end\": 76\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 76,\n \"line_end\": 80\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 80,\n \"line_end\": 82\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 82,\n \"line_end\": 83\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 83,\n \"line_end\": 92\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 92,\n \"line_end\": 93\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 93,\n \"line_end\": 97\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 97,\n \"line_end\": 101\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 101,\n \"line_end\": 111\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 111,\n \"line_end\": 117\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 117,\n \"line_end\": 121\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 138,\n \"line_end\": 142\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 142,\n \"line_end\": 154\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 154,\n \"line_end\": 160\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 160,\n \"line_end\": 170\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 170,\n \"line_end\": 174\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 174,\n \"line_end\": 192\n 
},\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 192,\n \"line_end\": 196\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 196,\n \"line_end\": 210\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 210,\n \"line_end\": 214\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 214,\n \"line_end\": 226\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 226,\n \"line_end\": 232\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 232,\n \"line_end\": 249\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 249,\n \"line_end\": 253\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 253,\n \"line_end\": 264\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 264,\n \"line_end\": 270\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 270,\n \"line_end\": 285\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 285,\n \"line_end\": 289\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 289,\n \"line_end\": 295\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 246,\n \"line_end\": 246\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 119,\n \"line_end\": 119\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 125,\n \"line_end\": 125\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 130,\n \"line_end\": 130\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 116,\n \"line_end\": 116\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 38,\n \"line_end\": 38\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 49,\n \"line_end\": 49\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 53,\n \"line_end\": 53\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 57,\n \"line_end\": 57\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 64,\n \"line_end\": 70\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 70,\n \"line_end\": 73\n },\n {\n 
\"file\": \"SKILL.md\",\n \"line_start\": 73,\n \"line_end\": 82\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 82,\n \"line_end\": 87\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 87,\n \"line_end\": 97\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 97,\n \"line_end\": 100\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 100,\n \"line_end\": 109\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 109,\n \"line_end\": 114\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 114,\n \"line_end\": 120\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 120,\n \"line_end\": 123\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 123,\n \"line_end\": 131\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 131,\n \"line_end\": 136\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 136,\n \"line_end\": 141\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 141,\n \"line_end\": 144\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 144,\n \"line_end\": 156\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 156,\n \"line_end\": 161\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 161,\n \"line_end\": 165\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 165,\n \"line_end\": 168\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 168,\n \"line_end\": 177\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 177,\n \"line_end\": 182\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 182,\n \"line_end\": 185\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 185,\n \"line_end\": 188\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 188,\n \"line_end\": 194\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 194,\n \"line_end\": 209\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 209,\n \"line_end\": 231\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 231,\n \"line_end\": 235\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 235,\n \"line_end\": 238\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 246,\n 
\"line_end\": 250\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 250,\n \"line_end\": 256\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 256,\n \"line_end\": 264\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 264,\n \"line_end\": 268\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 268,\n \"line_end\": 273\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 273,\n \"line_end\": 277\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 277,\n \"line_end\": 289\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 289,\n \"line_end\": 291\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 291,\n \"line_end\": 294\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 294,\n \"line_end\": 296\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 296,\n \"line_end\": 297\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 297,\n \"line_end\": 305\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 305,\n \"line_end\": 314\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 314,\n \"line_end\": 318\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 318,\n \"line_end\": 325\n }\n ]\n },\n {\n \"factor\": \"network\",\n \"evidence\": [\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 179,\n \"line_end\": 179\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 187,\n \"line_end\": 187\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 190,\n \"line_end\": 190\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 193,\n \"line_end\": 193\n },\n {\n \"file\": \"cookbook/bare-except.md\",\n \"line_start\": 196,\n \"line_end\": 196\n },\n {\n \"file\": \"cookbook/sql-injection.md\",\n \"line_start\": 291,\n \"line_end\": 291\n },\n {\n \"file\": \"skill-report.json\",\n \"line_start\": 6,\n \"line_end\": 6\n }\n ]\n },\n {\n \"factor\": \"filesystem\",\n \"evidence\": [\n {\n \"file\": \"skill-report.json\",\n \"line_start\": 6,\n \"line_end\": 6\n }\n ]\n },\n {\n \"factor\": 
\"env_access\",\n \"evidence\": [\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 172,\n \"line_end\": 172\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 173,\n \"line_end\": 173\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 176,\n \"line_end\": 176\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 176,\n \"line_end\": 176\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 164,\n \"line_end\": 164\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 173,\n \"line_end\": 173\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 173,\n \"line_end\": 173\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 163,\n \"line_end\": 163\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 172,\n \"line_end\": 172\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 172,\n \"line_end\": 172\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 176,\n \"line_end\": 176\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 176,\n \"line_end\": 176\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 227,\n \"line_end\": 227\n },\n {\n \"file\": \"SKILL.md\",\n \"line_start\": 227,\n \"line_end\": 227\n }\n ]\n }\n ],\n \"critical_findings\": [],\n \"high_findings\": [],\n \"medium_findings\": [],\n \"low_findings\": [],\n \"dangerous_patterns\": [],\n \"files_scanned\": 4,\n \"total_lines\": 1110,\n \"audit_model\": \"claude\",\n \"audited_at\": \"2026-01-16T22:44:30.160Z\"\n },\n \"content\": {\n \"user_title\": \"Detect security vulnerabilities in code\",\n \"value_statement\": \"Security vulnerabilities like SQL injection and shell commands put applications at risk. 
This skill identifies OWASP patterns and provides specific remediation steps to fix issues before deployment.\",\n \"seo_keywords\": [\n \"security audit\",\n \"vulnerability detection\",\n \"SQL injection\",\n \"OWASP\",\n \"code review\",\n \"Claude\",\n \"Codex\",\n \"Claude Code\",\n \"security patterns\",\n \"secure coding\"\n ],\n \"actual_capabilities\": [\n \"Detect SQL injection patterns in Python and TypeScript code\",\n \"Identify shell injection vulnerabilities in subprocess calls\",\n \"Find bare except blocks that hide errors and bugs\",\n \"Detect hardcoded secrets in source code\",\n \"Provide remediation code for each vulnerability type\",\n \"Follow OWASP Top 10 and CWE guidelines\"\n ],\n \"limitations\": [\n \"Does not execute or scan files automatically\",\n \"Pattern matching is for reference only\",\n \"Framework-specific security needs separate skills\",\n \"Does not integrate with external security tools\"\n ],\n \"use_cases\": [\n {\n \"target_user\": \"Developers\",\n \"title\": \"Review code during development\",\n \"description\": \"Check your code for security issues before committing to version control.\"\n },\n {\n \"target_user\": \"Security teams\",\n \"title\": \"Train AI on vulnerability patterns\",\n \"description\": \"Provide AI assistants with knowledge to identify security risks in code reviews.\"\n },\n {\n \"target_user\": \"QA engineers\",\n \"title\": \"Create security test cases\",\n \"description\": \"Build test suites that check for common vulnerability patterns in your codebase.\"\n }\n ],\n \"prompt_templates\": [\n {\n \"title\": \"Quick vulnerability scan\",\n \"scenario\": \"Check code for issues\",\n \"prompt\": \"Scan this code for security vulnerabilities. Report findings with severity levels and remediation suggestions.\"\n },\n {\n \"title\": \"Database query review\",\n \"scenario\": \"Review database code\",\n \"prompt\": \"Review these database queries for SQL injection. 
Rewrite any vulnerable queries using parameterized statements.\"\n },\n {\n \"title\": \"Exception handling check\",\n \"scenario\": \"Audit exception handlers\",\n \"prompt\": \"Audit this code for bare except blocks and overly broad exception handling. Provide fixed versions.\"\n },\n {\n \"title\": \"Full security audit\",\n \"scenario\": \"Comprehensive code review\",\n \"prompt\": \"Perform a comprehensive security audit following OWASP guidelines. Check for SQL injection, shell injection, XSS, path traversal, hardcoded secrets, and improper exception handling. Report all findings with severity and fixes.\"\n }\n ],\n \"output_examples\": [\n {\n \"input\": \"Scan this Python code for security issues: cursor.execute(f\\\"SELECT * FROM users WHERE id = {user_id}\\\")\",\n \"output\": [\n \"CRITICAL: SQL Injection (CWE-89)\",\n \"File: user_service.py:45\",\n \"Pattern: f-string in execute()\",\n \"Fix: Use parameterized query\",\n \"cursor.execute(\\\"SELECT * FROM users WHERE id = %s\\\", (user_id,))\"\n ]\n },\n {\n \"input\": \"Review exception handling: try: do_work() except: pass\",\n \"output\": [\n \"MEDIUM: Bare except block (CWE-754)\",\n \"Catches KeyboardInterrupt and SystemExit\",\n \"Fix: Use specific exception types\",\n \"try: do_work() except ValueError as e: log.warning(f\\\"Invalid value: {e}\\\")\"\n ]\n },\n {\n \"input\": \"Check for shell injection risks in this code: os.system(f\\\"grep {user_input} log.txt\\\")\",\n \"output\": [\n \"HIGH: Shell Injection (CWE-78)\",\n \"User input directly in shell command\",\n \"Fix: Avoid shell=True, use list arguments\",\n \"subprocess.run([\\\"grep\\\", user_input, \\\"log.txt\\\"])\"\n ]\n }\n ],\n \"best_practices\": [\n \"Use parameterized queries for all database operations\",\n \"Catch specific exceptions instead of bare except blocks\",\n \"Validate and sanitize all user input before use\",\n \"Never hardcode secrets in source code\"\n ],\n \"anti_patterns\": [\n \"String concatenation in SQL 
queries\",\n \"Bare except: blocks that catch all exceptions\",\n \"User input passed directly to shell commands\",\n \"Disabling security features for convenience\"\n ],\n \"faq\": [\n {\n \"question\": \"What languages does this skill support?\",\n \"answer\": \"Python and TypeScript patterns are included. The concepts apply to any language with appropriate pattern adjustments.\"\n },\n {\n \"question\": \"Does this skill scan my files automatically?\",\n \"answer\": \"No. This skill provides patterns and guidance. The AI assistant uses the knowledge during code review conversations.\"\n },\n {\n \"question\": \"Can I integrate this with my CI pipeline?\",\n \"answer\": \"The patterns can be adapted for grep or linter rules. See the CI Integration section in SKILL.md for examples.\"\n },\n {\n \"question\": \"Is my code sent anywhere?\",\n \"answer\": \"No. This skill contains no network code. All analysis happens locally by the AI assistant.\"\n },\n {\n \"question\": \"How is this different from static analysis tools?\",\n \"answer\": \"This skill provides AI-powered reasoning and context-aware guidance. Use with tools like bandit or eslint for automated scanning.\"\n },\n {\n \"question\": \"Does this replace security training?\",\n \"answer\": \"No. 
Use this skill alongside security training and professional audits for comprehensive coverage.\"\n }\n ]\n },\n \"file_structure\": [\n {\n \"name\": \"cookbook\",\n \"type\": \"dir\",\n \"path\": \"cookbook\",\n \"children\": [\n {\n \"name\": \"bare-except.md\",\n \"type\": \"file\",\n \"path\": \"cookbook/bare-except.md\",\n \"lines\": 280\n },\n {\n \"name\": \"sql-injection.md\",\n \"type\": \"file\",\n \"path\": \"cookbook/sql-injection.md\",\n \"lines\": 296\n }\n ]\n },\n {\n \"name\": \"SKILL.md\",\n \"type\": \"file\",\n \"path\": \"SKILL.md\",\n \"lines\": 337\n }\n ]\n}\n","content_type":"application/json; charset=utf-8","language":"json","size":25952,"content_sha256":"5a41adfd4123e7622be025ce88bbbed88cb0eb2ae0ef939e0a2f471683eae398"}],"content_json":{"type":"doc","content":[{"type":"heading","attrs":{"level":1},"content":[{"text":"Security Audit Skill","type":"text"}]},{"type":"paragraph","content":[{"text":"Detect common security vulnerabilities during code review and development. Based on OWASP guidelines and common vulnerability patterns.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Design Principle","type":"text"}]},{"type":"paragraph","content":[{"text":"This skill is ","type":"text"},{"text":"framework-generic","type":"text","marks":[{"type":"strong"}]},{"text":". 
It provides universal security patterns:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Covers OWASP Top 10 and common CWEs","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Works with Python, TypeScript, and other languages","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Project-specific security requirements go in project-specific skills","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Variables","type":"text"}]},{"type":"table","attrs":{"layout":null},"content":[{"type":"tr","content":[{"type":"th","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Variable","type":"text"}]}]},{"type":"th","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Default","type":"text"}]}]},{"type":"th","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"SEVERITY_THRESHOLD","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"medium","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Minimum severity to 
report","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"SCAN_DEPTH","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"3","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Directory depth for scanning","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"INCLUDE_TESTS","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"false","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Include test files in scan","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Instructions","type":"text"}]},{"type":"paragraph","content":[{"text":"MANDATORY","type":"text","marks":[{"type":"strong"}]},{"text":" - Follow the Workflow steps below in order.","type":"text"}]},{"type":"ordered_list","attrs":{"order":1,"listStyle":"number"},"content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Identify security-sensitive code areas","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Check for common vulnerability patterns","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Report findings with severity","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Suggest remediation","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Red Flags - STOP and 
Reconsider","type":"text"}]},{"type":"paragraph","content":[{"text":"If you're about to:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Write SQL with string concatenation","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Use bare ","type":"text"},{"text":"except:","type":"text","marks":[{"type":"code_inline"}]},{"text":" blocks","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Execute shell commands with user input","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Store secrets in code","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Disable security features \"temporarily\"","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"STOP","type":"text","marks":[{"type":"strong"}]},{"text":" -> Use parameterized queries -> Add specific exception handling -> Then proceed","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Cookbook","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"SQL Injection Prevention","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"IF: Writing database queries","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"THEN: Read and execute ","type":"text"},{"text":"./cookbook/sql-injection.md","type":"text","marks":[{"type":"code_inline"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Bare Except Handling","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"IF: Writing exception handlers","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"THEN: Read and execute 
","type":"text"},{"text":"./cookbook/bare-except.md","type":"text","marks":[{"type":"code_inline"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Shell Injection Prevention","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"IF: Executing shell commands","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"THEN: Read and execute ","type":"text"},{"text":"./cookbook/shell-injection.md","type":"text","marks":[{"type":"code_inline"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Vulnerability Patterns","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"SQL Injection (CWE-89)","type":"text"}]},{"type":"paragraph","content":[{"text":"BAD - String concatenation:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# VULNERABLE\nquery = f\"SELECT * FROM users WHERE id = {user_id}\"\ncursor.execute(query)\n\nquery = \"SELECT * FROM users WHERE name = '\" + name + \"'\"","type":"text"}]},{"type":"paragraph","content":[{"text":"GOOD - Parameterized queries:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# SAFE\ncursor.execute(\"SELECT * FROM users WHERE id = %s\", (user_id,))\n\n# SQLAlchemy\nsession.query(User).filter(User.id == user_id).first()\n\n# Prisma\nawait prisma.user.findUnique({ where: { id: userId } })","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Bare Except (CWE-754)","type":"text"}]},{"type":"paragraph","content":[{"text":"BAD - Catches everything:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# VULNERABLE - hides bugs, catches KeyboardInterrupt\ntry:\n risky_operation()\nexcept:\n pass\n\n# VULNERABLE - too broad\nexcept 
Exception:\n log.error(\"Something failed\")","type":"text"}]},{"type":"paragraph","content":[{"text":"GOOD - Specific exceptions:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# SAFE - specific exceptions\ntry:\n risky_operation()\nexcept ValueError as e:\n log.warning(f\"Invalid value: {e}\")\nexcept ConnectionError as e:\n log.error(f\"Connection failed: {e}\")\n raise","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Shell Injection (CWE-78)","type":"text"}]},{"type":"paragraph","content":[{"text":"BAD - User input in shell:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# VULNERABLE\nos.system(f\"grep {user_input} /var/log/app.log\")\n\nimport subprocess\nsubprocess.run(f\"ls {directory}\", shell=True)","type":"text"}]},{"type":"paragraph","content":[{"text":"GOOD - Avoid shell, use lists:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# SAFE - no shell\nsubprocess.run([\"grep\", user_input, \"/var/log/app.log\"])\n\n# SAFE - validated input\nif not re.match(r'^[a-zA-Z0-9_-]+

, directory):\n raise ValueError(\"Invalid directory name\")\nsubprocess.run([\"ls\", directory])","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Path Traversal (CWE-22)","type":"text"}]},{"type":"paragraph","content":[{"text":"BAD - User input in paths:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# VULNERABLE\npath = f\"/uploads/{user_filename}\"\nwith open(path) as f:\n return f.read()","type":"text"}]},{"type":"paragraph","content":[{"text":"GOOD - Validate and sanitize:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# SAFE\nfrom pathlib import Path\n\nupload_dir = Path(\"/uploads\").resolve()\nrequested = (upload_dir / user_filename).resolve()\n\nif not requested.is_relative_to(upload_dir):\n raise ValueError(\"Path traversal attempt\")\n\nwith open(requested) as f:\n return f.read()","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Hardcoded Secrets (CWE-798)","type":"text"}]},{"type":"paragraph","content":[{"text":"BAD - Secrets in code:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# VULNERABLE\nAPI_KEY = \"sk-1234567890abcdef\"\nDB_PASSWORD = \"super_secret_password\"","type":"text"}]},{"type":"paragraph","content":[{"text":"GOOD - Environment variables:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"# SAFE\nimport os\n\nAPI_KEY = os.environ[\"API_KEY\"]\nDB_PASSWORD = os.environ[\"DB_PASSWORD\"]\n\n# Or with defaults for development\nAPI_KEY = os.getenv(\"API_KEY\", \"dev-key-only\")","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"XSS (CWE-79)","type":"text"}]},{"type":"paragraph","content":[{"text":"BAD - Unsanitized 
output:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"html"},"content":[{"text":"\u003c!-- VULNERABLE -->\n\u003cdiv>{{ user_input }}\u003c/div>","type":"text"}]},{"type":"paragraph","content":[{"text":"GOOD - Proper escaping:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"html"},"content":[{"text":"\u003c!-- SAFE - auto-escaped in most frameworks -->\n\u003cdiv>{{ user_input | e }}\u003c/div>\n\n\u003c!-- Or use textContent in JS -->\nelement.textContent = userInput; // Safe","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Severity Levels","type":"text"}]},{"type":"table","attrs":{"layout":null},"content":[{"type":"tr","content":[{"type":"th","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Severity","type":"text"}]}]},{"type":"th","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Impact","type":"text"}]}]},{"type":"th","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Examples","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"CRITICAL","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Data breach, RCE","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"SQL injection, shell 
injection","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"HIGH","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Data exposure, privilege escalation","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Path traversal, hardcoded secrets","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"MEDIUM","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Information disclosure","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Verbose errors, bare excepts","type":"text"}]}]}]},{"type":"tr","content":[{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"LOW","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Best practice violation","type":"text"}]}]},{"type":"td","attrs":{"colspan":1,"rowspan":1,"colwidth":null,"alignment":""},"content":[{"type":"paragraph","content":[{"text":"Missing input validation","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Detection Patterns","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Python Patterns to Search","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"VULNERABLE_PATTERNS = {\n \"sql_injection\": [\n 
r'execute\\([\\'\"].*%s.*[\\'\"].*%', # % formatting in SQL\n r'execute\\(f[\\'\"]', # f-string in SQL\n r'execute\\([\\'\"].*\\+', # String concat in SQL\n ],\n \"shell_injection\": [\n r'os\\.system\\(', # os.system\n r'subprocess\\..*shell=True', # shell=True\n r'eval\\(', # eval\n r'exec\\(', # exec\n ],\n \"bare_except\": [\n r'except\\s*:', # bare except\n ],\n \"hardcoded_secrets\": [\n r'password\\s*=\\s*[\\'\"]', # password = \"...\"\n r'api_key\\s*=\\s*[\\'\"]', # api_key = \"...\"\n r'secret\\s*=\\s*[\\'\"]', # secret = \"...\"\n ],\n}","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"TypeScript Patterns to Search","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"typescript"},"content":[{"text":"const VULNERABLE_PATTERNS = {\n sqlInjection: [\n /`SELECT.*\\$\\{/, // Template literal in SQL\n /\"SELECT.*\" \\+ /, // String concat in SQL\n ],\n xss: [\n /innerHTML\\s*=/, // innerHTML assignment\n /dangerouslySetInnerHTML/, // React dangerous prop\n ],\n shellInjection: [\n /exec\\([`'\"]/, // child_process.exec\n /spawn\\(.*shell:\\s*true/, // shell: true\n ],\n};","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Audit Workflow","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 1: Identify Sensitive Areas","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"markdown"},"content":[{"text":"Check these high-risk areas first:\n- Authentication/authorization code\n- Database queries\n- File operations\n- External API calls\n- User input handling\n- Serialization/deserialization","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 2: Run Pattern Scan","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"markdown"},"content":[{"text":"For each source file:\n Match against vulnerability patterns\n Record file, line, pattern matched\n Assess 
severity","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 3: Generate Report","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"markdown"},"content":[{"text":"# Security Audit Report\n\n## Summary\n- CRITICAL: 2\n- HIGH: 5\n- MEDIUM: 12\n\n## Critical Issues\n\n### 1. SQL Injection in user_service.py:45\nPattern: f-string in execute()\n```python\ncursor.execute(f\"SELECT * FROM users WHERE id = {user_id}\")","type":"text"}]},{"type":"paragraph","content":[{"text":"Fix","type":"text","marks":[{"type":"strong"}]},{"text":": Use parameterized query","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"python"},"content":[{"text":"cursor.execute(\"SELECT * FROM users WHERE id = %s\", (user_id,))","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":""},"content":[{"text":"\n## Integration\n\n### With /ai-dev-kit:execute-lane\n\nRun security audit in code-related lanes:\n\n```markdown\nLane: SL-API\n\nPost-implementation checks:\n1. ✓ Tests pass\n2. ✓ Lint clean\n3. 
⚠️ Security audit: 2 MEDIUM issues\n\nReview security findings before merge.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"CI Integration","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"- name: Security Audit\n run: |\n # Check for vulnerable patterns\n grep -rn \"execute(f\" --include=\"*.py\" && exit 1 || true\n grep -rn \"shell=True\" --include=\"*.py\" && exit 1 || true\n grep -rn \"except:\" --include=\"*.py\" && echo \"Warning: bare except found\"","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Best Practices","type":"text"}]},{"type":"ordered_list","attrs":{"order":1,"listStyle":"number"},"content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Defense in depth","type":"text","marks":[{"type":"strong"}]},{"text":": Multiple layers of security","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Least privilege","type":"text","marks":[{"type":"strong"}]},{"text":": Minimum permissions needed","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Input validation","type":"text","marks":[{"type":"strong"}]},{"text":": Validate all external input","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Output encoding","type":"text","marks":[{"type":"strong"}]},{"text":": Escape output appropriately","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Secrets management","type":"text","marks":[{"type":"strong"}]},{"text":": Never hardcode secrets","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Error handling","type":"text","marks":[{"type":"strong"}]},{"text":": Don't expose internal details","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Logging","type":"text","marks":[{"type":"strong"}]},{"text":": 
Log security events (not sensitive data)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Updates","type":"text","marks":[{"type":"strong"}]},{"text":": Keep dependencies updated","type":"text"}]}]}]},{"type":"hr","attrs":{"markup":"---"}}]},"metadata":{"date":"2026-06-05","name":"security-audit","author":"@skillopedia","source":{"stars":336,"repo_name":"marketplace","origin_url":"https://github.com/aiskillstore/marketplace/blob/HEAD/skills/consiliency/security-audit/SKILL.md","repo_owner":"aiskillstore","body_sha256":"650117198b20e4ec414dd8883c787303f4b34016ad6a675ccee5ddfbb5d19f2f","cluster_key":"fe467510d9ad2cb2cbf21c07269707a3d5b908cdc93c25a40b5f7d60a6906741","clean_bundle":{"format":"clean-skill-bundle-v1","source":"aiskillstore/marketplace/skills/consiliency/security-audit/SKILL.md","attachments":[{"id":"b516a9ff-04ee-5998-9285-8e276b603be8","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/b516a9ff-04ee-5998-9285-8e276b603be8/attachment.md","path":"cookbook/bare-except.md","size":6282,"sha256":"55db432538f1b0fae86acb35e71408f0136bbb8de3d5693a8b804d073393dfc1","contentType":"text/markdown; charset=utf-8"},{"id":"a8b2950d-3fb4-5a31-8aa4-0f16849676de","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/a8b2950d-3fb4-5a31-8aa4-0f16849676de/attachment.md","path":"cookbook/sql-injection.md","size":7031,"sha256":"ca88acc4a744c79424d1439f07c5756613a9703399c41035486c5ecbc6df388d","contentType":"text/markdown; charset=utf-8"},{"id":"bd34c475-a60d-58b1-80ac-e1daf6539f74","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/bd34c475-a60d-58b1-80ac-e1daf6539f74/attachment.json","path":"skill-report.json","size":25952,"sha256":"5a41adfd4123e7622be025ce88bbbed88cb0eb2ae0ef939e0a2f471683eae398","contentType":"application/json; 
charset=utf-8"}],"bundle_sha256":"c7eadefbc0e26bdc358bca46221326d4073d9c19b676f2972aebdc82d1e03f90","attachment_count":3,"text_attachments":3,"attachment_storage":"skillopedia-attachments-v1","binary_attachments":0,"excluded_attachments":[]},"cluster_size":1,"skill_md_path":"skills/consiliency/security-audit/SKILL.md","import_metadata":{"date":"2026-06-05","author":"@skillopedia","version":"v1","category":"security","category_label":"Security"},"exact_dupes_collapsed_into_this":0},"version":"v1","category":"security","import_tag":"clean-skills-v1","description":"Detect common security vulnerabilities in code. Covers OWASP patterns, SQL injection, bare excepts, shell injection. Framework-agnostic."}},"renderedAt":1782989612398}
