agent-security-review
Community
Catch obvious security issues in PRs
Author: queen-of-code
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Provides a lightweight, focused security review for a single pull request or change set to find obvious vulnerabilities, leaked secrets, misconfigurations, and authorization gaps that should be flagged before advanced security review or deployment.
Core Features & Use Cases
- Secrets & credentials detection: Identify committed keys, tokens, PEM files, and insecure environment variable patterns.
- Auth & access checks: Highlight missing authorization checks, IDOR risks, and deviations from the approved tech spec.
- Dependencies and config hygiene: Call out risky dependency changes, unpinned base images, and debug/default credentials in configs.
- Use Case: Run this as a review-phase pass to generate blocking vs advisory findings and feed results to the /review orchestrator for PR comments and a review-report.md entry.
Quick Start
Run a security review on this PR and produce blocking or advisory findings with file references for the /review orchestrator.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: agent-security-review
Download link: https://github.com/queen-of-code/AI-DLC/archive/main.zip#agent-security-review
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.