codebase-security-audit
Community
Harden your repo with an end-to-end security audit.
Author: d-padmanabhan
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
It eliminates security blind spots by running an end-to-end codebase review that finds secrets, vulnerable dependencies, injection paths, and infrastructure misconfigurations—then turns results into a prioritized remediation plan.
Core Features & Use Cases
- Eight-layer security coverage across Secrets, SAST, SCA, data-flow/taint, semantic/CPG, IaC, Custom rules, and DAST to make gaps explicit.
- Actionable remediation outputs including severity-ranked findings, .env templates, and a ready-to-use CI/CD continuous scanning approach.
- OWASP Top 10 (2021) focused checks with curated ripgrep playbooks per category to accelerate triage and fixes.
Quick Start
Use the skill to perform a full audit by telling your AI agent: "Run a security audit of this repository using the eight-layer model, map findings to OWASP Top 10, and generate a severity-ranked remediation plan plus CI/CD scanning workflow."
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: codebase-security-audit Download link: https://github.com/d-padmanabhan/agent-engineering-handbook/archive/main.zip#codebase-security-audit Please download this .zip file, extract it, and install it in the .claude/skills/ directory.