ao-cyber-systems/security-audit
plugins/devflow/skills/security-audit/SKILL.md
Scan the codebase for security vulnerabilities — checks for secrets, auth flaws, dependency risks, and OWASP Top 10 issues. Standalone — works without project setup. Covers secrets, auth, dependencies, and code-level vulnerabilities. Triggers on: "security audit", "scan for vulnerabilities", "check for secrets", "security review", "find security issues"
development
Updated May 5, 2026
$ install --global
skillsauthnpx skillsauth add ao-cyber-systems/devflow-claude security-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 5, 2026, 4:03 AM305.0s1 file scanned
SKILL.md
- name:
- security-audit
- description:
- |
- Triggers on:
- security audit", "scan for vulnerabilities", "check for secrets", "security review", "find security issues
- argument-hint:
- [optional: path scope like 'src/api' or focus filter like 'secrets-only', 'auth-only', 'deps-only']
<objective>
Scan codebase for security vulnerabilities using 3 parallel security-auditor agents, each covering a different domain. Agents write findings directly to temp files. Orchestrator merges, deduplicates, ranks by severity, and produces a final SECURITY-AUDIT.md report.
This is a standalone command — no .planning/ directory or DevFlow project state required. Works on any codebase.
Output: SECURITY-AUDIT.md (in .planning/ if it exists, otherwise project root).
</objective>
<execution_context> @~/.claude/devflow/workflows/security-audit.md </execution_context>
<context> Arguments: $ARGUMENTS (optional)Supported argument formats:
- Path scope:
src/api— limits scan to a subdirectory - Focus filter:
secrets-only— runs only the secrets-and-code agent - Focus filter:
auth-only— runs only the auth-and-access agent - Focus filter:
deps-only— runs only the config-and-deps agent - Combination:
src/api secrets-only— scoped + filtered
This command can run:
- On any codebase, at any time — no DevFlow initialization required
- Before
/devflow:new-project— assess security posture of brownfield codebase - After major changes — re-audit for regressions
- As part of release prep — generate audit report for review </context>
<when_to_use> Use security-audit for:
- Initial security assessment of a codebase
- Checking for hardcoded secrets before open-sourcing
- Reviewing auth/authz patterns after changes
- Dependency vulnerability awareness
- Pre-release security checklist
- Onboarding to an unfamiliar codebase (security perspective)
Skip security-audit for:
- Codebases with zero source files (nothing to scan)
- If you just need to check one specific file (manual review is faster) </when_to_use>
<success_criteria>
- [ ] Init context loaded (model, stack, output path)
- [ ] Agents spawned with correct focus modes
- [ ] Agents wrote findings to
.security-audit-tmp/ - [ ] Findings merged, deduplicated, sorted by severity
- [ ] SECURITY-AUDIT.md written with YAML frontmatter
- [ ] Temp directory cleaned up
- [ ] No secret values in any output
- [ ] User presented with actionable summary </success_criteria>
Related Skills
ao-cyber-systems/flow
development
VerifiedTrustedCommunity
Orchestrate a multi-step DevFlow workflow by chaining skills. Use when the user wants to invoke a sequence of skills as one ask (e.g., "build and sync to github", "research, plan, then build", "ship and announce"). Triggers on: "ship X to Y", "build and X", "plan and X", "X then Y", "in one go", "as a chain", "all in sequence", "chain", "ship-and-sync", "research-plan-build"
SKILL.mdUpdated May 26, 2026
ao-cyber-systems/new-monorepo
testing
VerifiedTrustedCommunity
Stamp a new polyglot monorepo using the AO Cyber Systems scaffold — root CLAUDE.md with Layout table, per-area CLAUDE.md, path-filtered CI workflows, comprehensive .gitignore, and the no-binaries pre-commit hook config. Use this for new product monorepos (the 5-monorepo architecture: aodex, aosentry, eden-biz, politihub, aohealth, plus future ones). Triggers on: "new monorepo", "scaffold a monorepo", "set up a monorepo", "create a new product monorepo".
SKILL.mdUpdated May 12, 2026
ao-cyber-systems/monorepo-doctor
development
VerifiedTrustedCommunity
Validate that a monorepo follows the AO Cyber Systems layout convention — root CLAUDE.md declares every area, every area has its own CLAUDE.md, no compiled binaries are tracked in git. Reads the root `CLAUDE.md` Layout table, walks the working tree, and reports drift in a single Markdown summary. Standalone — works on any repo. Triggers on: "audit monorepo layout", "monorepo doctor", "is this monorepo healthy?", "check the layout", "find binaries in the repo".
SKILL.mdUpdated May 12, 2026
ao-cyber-systems/eden-web:frontend-design
development
VerifiedTrustedCommunity
Build, review, or visually inspect web pages using Hugo templates, Tailwind CSS, and the project's brand design system. Use when the user wants to create new pages, design components, audit existing UI, review frontend code, or visually test rendered pages. Triggers on: "build the UI", "design this page", "create a page", "review the frontend", "audit the UI", "check UI consistency", "make it look good", "frontend review", "visual review", "check how it looks", "inspect the page"
SKILL.mdUpdated May 12, 2026