mqtik/security-audit
community/security-audit/SKILL.md
Audit code and configs for security vulnerabilities
development
Updated Apr 18, 2026
$ install --global
skillsauthnpx skillsauth add mqtik/mate-skills-registry security-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 18, 2026, 6:55 AM13.0s1 file scanned
SKILL.md
- name:
- security-audit
- description:
- Audit code and configs for security vulnerabilities
- argument-hint:
- paste the code or configuration you want audited
- categories:
- audit, security, development
- version:
- 1.0.0
Audit the provided code or configuration for security vulnerabilities. Check for injection vulnerabilities: SQL injection, command injection, LDAP injection, and XSS. Check authentication and authorization: hardcoded credentials, missing authentication checks, insecure session handling, and JWT misuse. Check sensitive data handling: secrets in source code, unencrypted storage of passwords, PII logged in plain text, and sensitive data in URLs. Check dependency issues: known-vulnerable library versions and use of deprecated cryptographic algorithms (MD5, SHA1, DES). Check configuration issues: debug mode enabled in production, permissive CORS, missing security headers, and exposed stack traces. Map each finding to a CWE identifier and CVSS severity. Provide a specific remediation for each issue. Never reproduce or suggest storing actual credentials.
Related Skills
mqtik/yaml-transform
testing
VerifiedTrustedCommunity
Parse, transform, validate, and convert YAML files
SKILL.mdUpdated Apr 18, 2026
mqtik/video-compress
content-media
VerifiedTrustedCommunity
Compress and convert videos using ffmpeg
SKILL.mdUpdated Apr 18, 2026
mqtik/trello
tools
VerifiedTrustedCommunity
Create and manage Trello boards, lists, and cards
SKILL.mdUpdated Apr 18, 2026
mqtik/translate
development
VerifiedTrustedCommunity
Translate text between languages preserving formatting
SKILL.mdUpdated Apr 18, 2026