alirezarezvani/security-auditor
skills/security/security-auditor/SKILL.md
Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on file changes. Scans for SQL injection, XSS, secrets exposure, auth issues. Triggers on file changes, security mentions, deployment prep.
$ install --global
skillsauthnpx skillsauth add alirezarezvani/claude-code-tresor security-auditorInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 3, 2026, 3:33 PM5.1s2 files scanned
SKILL.md
- name:
- security-auditor
- description:
- Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on file changes. Scans for SQL injection, XSS, secrets exposure, auth issues. Triggers on file changes, security mentions, deployment prep.
- allowed-tools:
- Read, Grep, Bash
Security Auditor Skill
Automatic security vulnerability detection.
When I Activate
- ✅ Code files modified (especially auth, API, database)
- ✅ User mentions security or vulnerabilities
- ✅ Before deployments or commits
- ✅ Dependency changes
- ✅ Configuration file changes
What I Scan For
OWASP Top 10 Patterns
1. SQL Injection
// CRITICAL: SQL injection
const query = `SELECT * FROM users WHERE id = ${userId}`;
// SECURE: Parameterized query
const query = 'SELECT * FROM users WHERE id = ?';
db.query(query, [userId]);
2. XSS (Cross-Site Scripting)
// CRITICAL: XSS vulnerability
element.innerHTML = userInput;
// SECURE: Use textContent or sanitize
element.textContent = userInput;
// or
element.innerHTML = DOMPurify.sanitize(userInput);
3. Authentication Issues
// CRITICAL: Weak JWT secret
const token = jwt.sign(payload, 'secret123');
// SECURE: Strong secret from environment
const token = jwt.sign(payload, process.env.JWT_SECRET);
4. Sensitive Data Exposure
# CRITICAL: Exposed password
password = "admin123"
# SECURE: Environment variable
password = os.getenv("DB_PASSWORD")
5. Broken Access Control
// CRITICAL: No authorization check
app.delete('/api/users/:id', (req, res) => {
User.delete(req.params.id);
});
// SECURE: Authorization check
app.delete('/api/users/:id', auth, checkOwnership, (req, res) => {
User.delete(req.params.id);
});
Additional Security Checks
- Insecure Deserialization
- Security Misconfiguration
- Insufficient Logging
- CSRF Protection Missing
- CORS Misconfiguration
Alert Format
🚨 CRITICAL: [Vulnerability type]
📍 Location: file.js:42
🔧 Fix: [Specific remediation]
📖 Reference: [OWASP/CWE link]
Severity Levels
- 🚨 CRITICAL: Must fix immediately (exploitable vulnerabilities)
- ⚠️ HIGH: Should fix soon (security weaknesses)
- 📋 MEDIUM: Consider fixing (potential issues)
- 💡 LOW: Best practice improvements
Real-World Examples
SQL Injection Detection
// You write:
app.get('/users', (req, res) => {
const sql = `SELECT * FROM users WHERE name = '${req.query.name}'`;
db.query(sql, (err, results) => res.json(results));
});
// I alert:
🚨 CRITICAL: SQL injection vulnerability (line 2)
📍 File: routes/users.js, Line 2
🔧 Fix: Use parameterized queries
const sql = 'SELECT * FROM users WHERE name = ?';
db.query(sql, [req.query.name], ...);
📖 https://owasp.org/www-community/attacks/SQL_Injection
Password Storage
# You write:
def create_user(username, password):
user = User(username=username, password=password)
user.save()
# I alert:
🚨 CRITICAL: Storing plain text password (line 2)
📍 File: models.py, Line 2
🔧 Fix: Hash passwords before storing
from bcrypt import hashpw, gensalt
hashed = hashpw(password.encode(), gensalt())
user = User(username=username, password=hashed)
📖 Use bcrypt, scrypt, or argon2 for password hashing
API Key Exposure
// You write:
const stripe = require('stripe')('sk_live_abc123...');
// I alert:
🚨 CRITICAL: Hardcoded API key detected (line 1)
📍 File: payment.js, Line 1
🔧 Fix: Use environment variables
const stripe = require('stripe')(process.env.STRIPE_SECRET_KEY);
📖 Never commit API keys to version control
Dependency Scanning
I can run security audits on dependencies:
# Node.js
npm audit
# Python
pip-audit
# Results flagged with severity
Relationship with @code-reviewer Sub-Agent
Me (Skill): Quick vulnerability pattern detection @code-reviewer (Sub-Agent): Deep security audit with threat modeling
Workflow
- I detect vulnerability pattern
- I flag: "🚨 SQL injection detected"
- You want full analysis → Invoke @code-reviewer sub-agent
- Sub-agent provides comprehensive security audit
Common Vulnerability Patterns
Authentication
- Weak password policies
- Missing MFA
- Session fixation
- Insecure password storage
Authorization
- Missing access control
- Privilege escalation
- IDOR (Insecure Direct Object Reference)
Data Protection
- Unencrypted sensitive data
- Weak encryption algorithms
- Missing HTTPS
- Insecure cookies
Input Validation
- SQL injection
- Command injection
- XSS
- Path traversal
Sandboxing Compatibility
Works without sandboxing: ✅ Yes Works with sandboxing: ✅ Yes
Optional: For dependency scanning
{
"network": {
"allowedDomains": [
"registry.npmjs.org",
"pypi.org",
"api.github.com"
]
}
}
Integration with Tools
With secret-scanner Skill
security-auditor: Checks code patterns
secret-scanner: Checks for exposed secrets
Together: Comprehensive security coverage
With /review Command
/review --scope staged --checks security
# Workflow:
# 1. My automatic security findings
# 2. @code-reviewer sub-agent deep audit
# 3. Comprehensive security report
Customization
Add company-specific security patterns:
cp -r ~/.claude/skills/security/security-auditor \
~/.claude/skills/security/company-security-auditor
# Edit SKILL.md to add:
# - Internal API patterns
# - Company security policies
# - Custom vulnerability checks
Learn More
- OWASP Top 10
- CWE Top 25
- Security Best Practices
Related Skills
alirezarezvani/secret-scanner
development
VerifiedTrustedCommunity
Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.
662SKILL.mdUpdated Apr 3, 2026
alirezarezvani/dependency-auditor
testing
VerifiedTrustedCommunity
Check dependencies for known vulnerabilities using npm audit, pip-audit, etc. Use when package.json or requirements.txt changes, or before deployments. Alerts on vulnerable dependencies. Triggers on dependency file changes, deployment prep, security mentions.
662SKILL.mdUpdated Apr 3, 2026
alirezarezvani/readme-updater
development
VerifiedTrustedCommunity
Keep README files current with project changes. Use when project structure changes, features added, or setup instructions modified. Suggests README updates based on code changes. Triggers on significant project changes, new features, dependency changes.
662SKILL.mdUpdated Apr 3, 2026
alirezarezvani/api-documenter
development
VerifiedTrustedCommunity
Auto-generate API documentation from code and comments. Use when API endpoints change, or user mentions API docs. Creates OpenAPI/Swagger specs from code. Triggers on API file changes, documentation requests, endpoint additions.
662SKILL.mdUpdated Apr 3, 2026