Agent skill

security-audit

Security auditing and vulnerability assessment specialist. Use when conducting security reviews, analyzing code for vulnerabilities, performing OWASP assessments, or creating security audit reports.

View SKILL.md on GitHub Repository
Stars 232
Forks 15

Install this agent skill to your Project

npx add-skill https://github.com/aiskillstore/marketplace/tree/main/skills/89jobrien/security-audit

SKILL.md

Security Audit Skill

Comprehensive security auditing covering code review, vulnerability assessment, OWASP Top 10, dependency analysis, and remediation planning.

What This Skill Does

  • Conducts security code reviews
  • Identifies vulnerabilities (CVSS scoring)
  • Performs OWASP Top 10 assessments
  • Audits authentication/authorization
  • Reviews data protection controls
  • Analyzes dependency vulnerabilities
  • Creates remediation roadmaps

When to Use

  • Security reviews before release
  • Compliance audits
  • Penetration test preparation
  • Incident response analysis
  • Dependency vulnerability assessment

Reference Files

  • references/SECURITY_AUDIT.template.md - Comprehensive security audit report format
  • references/owasp_checklist.md - OWASP Top 10 checklist with CVSS scoring and CWE references

Workflow

  1. Define scope and methodology
  2. Perform static/dynamic analysis
  3. Document findings by severity
  4. Map to OWASP categories
  5. Create remediation roadmap
  6. Verify fixes

Output Format

Security findings should include:

  • Severity (Critical/High/Medium/Low)
  • CVSS score and vector
  • CWE classification
  • Proof of concept
  • Remediation steps

Didn't find tool you were looking for?

Be as detailed as possible for better results