ReddRadar
Agent skill
security-audit
Run a Maestro-style security assessment for authentication, authorization, data exposure, secret handling, and exploitability risks
Install this agent skill to your Project
npx add-skill https://github.com/josstei/maestro-orchestrate/tree/main/plugins/maestro/skills/security-audit
SKILL.md
Read ../../references/runtime-guide.md.
Call get_skill_content with resources: ["architecture", "delegation"].
Call get_agent with agents: ["security-engineer"].
Workflow
- Define the audit scope from the user request and relevant code paths
- Trace trust boundaries, auth flows, secret handling, and data exposure paths
- Review for exploitable flaws, unsafe defaults, OWASP Top 10 vulnerabilities, and high-risk dependencies
- Classify findings by severity (CVSS-aligned) with file references and exploitability assessment
- Provide remediation guidance with the highest-risk issues first
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
josstei/maestro-orchestrate
execute
Execute an approved Maestro implementation plan using the shared session-state contract
josstei/maestro-orchestrate
orchestrate
Run the full Maestro workflow for complex engineering tasks that need a mandatory design dialogue, approved implementation plan, and then execution with shared session state
josstei/maestro-orchestrate
resume
Resume an interrupted Maestro session using the existing active-session file and shared phase tracking
josstei/maestro-orchestrate
execute
Execute an approved Maestro implementation plan using the shared session-state contract
josstei/maestro-orchestrate
orchestrate
Run the full Maestro workflow for tasks that need design dialogue, implementation planning, shared session state, delegated execution, and review
josstei/maestro-orchestrate
resume
Resume the active Maestro session from docs/maestro state
Didn't find tool you were looking for?