bitwisecook/irule-review
ai/claude/skills/irule-review/SKILL.md
Security and safety review of an F5 iRule. Combines LSP static analysis (security, taint, thread safety diagnostics) with deep analysis of input validation, information leakage, race conditions, and DoS vectors. Use when reviewing iRule security, auditing F5 iRule safety, performing iRule penetration testing, or checking iRule code for vulnerabilities.
$ install --global
skillsauthnpx skillsauth add bitwisecook/tcl-lsp irule-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 3, 2026, 8:33 PM224.4s1 file scanned
SKILL.md
- name:
- irule-review
- description:
- Security and safety review of an F5 iRule. Combines LSP static analysis (security, taint, thread safety diagnostics) with deep analysis of input validation, information leakage, race conditions, and DoS vectors. Use when reviewing iRule security, auditing F5 iRule safety, performing iRule penetration testing, or checking iRule code for vulnerabilities.
- allowed-tools:
- Bash, Read
iRule Security Review
Perform a comprehensive security review combining static analysis with deep analysis.
Steps
- Read the domain knowledge from
ai/prompts/irules_system.md - Read the iRule file to review
- Run the security-focused analysis:
uv run --no-dev python ai/claude/tcl_ai.py review $FILE - If the tool fails (e.g. file not found or parse error), report the error clearly and suggest fixes
- Present the static analysis findings (security, taint, thread safety)
- Go beyond the static analysis. Check for:
- Input validation gaps (HTTP::uri, HTTP::query, HTTP::header, HTTP::cookie used without sanitisation)
- Information leakage in logs or HTTP::respond bodies
- Race conditions with shared state (static:: variables, table commands)
- Denial of service vectors (unbounded loops, expensive operations in hot events)
- Header injection possibilities (user data in HTTP::header insert/replace)
- Open redirect vulnerabilities (HTTP::redirect with user-controlled values)
- Session handling issues
- For each finding, explain the risk and suggest a fix
Diagnostic codes reference
See docs/generated/diagnostic_codes.md for the full auto-generated table of security and taint diagnostic codes.
Output format
Static Analysis Findings
(from the review tool output)
Deep Analysis
(your security analysis beyond what static analysis can detect)
- Group findings by severity (critical, high, medium, low)
- For each finding, include: description, affected line(s), risk level, recommended fix
$ARGUMENTS
Related Skills
bitwisecook/tcl-optimise
development
VerifiedTrustedCommunity
Apply LSP optimiser suggestions to a Tcl file and explain why each optimisation is safe and beneficial. Covers constant folding, propagation, dead code elimination, strength reduction, and expression canonicalisation. Use when optimising Tcl code, improving .tcl file performance, refactoring Tcl scripts for efficiency, or applying language server optimisation suggestions.
34SKILL.mdUpdated Apr 3, 2026
bitwisecook/irule-optimise
development
VerifiedTrustedCommunity
Apply LSP optimiser suggestions to an F5 iRule and explain why each optimisation is safe and beneficial. Covers constant folding, propagation, dead code elimination, strength reduction, and expression canonicalisation. Use when optimising iRule code, improving iRule performance, applying F5 iRule optimisations, or refactoring iRules for efficiency.
34SKILL.mdUpdated Apr 3, 2026
bitwisecook/tk-create
development
VerifiedTrustedCommunity
Create Tk GUI code from a description with proper widget hierarchy. Generates the code, validates with the LSP analyser (including TK-specific checks), and iterates until clean. Use when creating Tk GUIs, generating Tcl/Tk code from descriptions, building Tk widget layouts, or scaffolding Tk applications.
29SKILL.mdUpdated Apr 3, 2026
bitwisecook/tcl-validate
development
VerifiedTrustedCommunity
Run full LSP validation on a Tcl file and produce a categorised report of all issues: errors, security, style, and optimiser suggestions. Use when validating Tcl code, linting .tcl files, checking Tcl script quality, or running static analysis on Tcl scripts.
29SKILL.mdUpdated Apr 3, 2026