ai-saas-security-review
Community
Audit AI SaaS security across all threat layers
Author: tlennon-ie
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps you reliably assess whether an AI SaaS is protected against common web security failures and AI-specific abuse (like prompt injection, jailbreaks, and system-prompt extraction), before vulnerabilities become incidents.
Core Features & Use Cases
- Threat-layer security review: Organizes findings across identity, authorization, input, AI, action, and observability layers so severity judgments stay consistent.
- OWASP + AI-specific checks: Covers classical web risks (authz, injection, XSS, CSRF, uploads, redirects, headers) plus AI risks (direct/indirect injection via memory or uploads, tool-output injection, jailbreak patterns).
- Production hardening procedures: Provides concrete audit playbooks for RLS, webhook verification, secret scanning, rate limiting, admin surface protection, and a structured finding format.
Quick Start
Use this skill to review a pull request by mapping each code change to the six threat layers and producing CRITICAL/HIGH findings with repro steps and actionable fixes.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: ai-saas-security-review
Download link: https://github.com/tlennon-ie/product-building-agents/archive/main.zip#ai-saas-security-review
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.