master-security-review
CommunityConfidence-calibrated security review for your project stack.
Software Engineering#code analysis#vulnerability assessment#security review#secure development#project security
AuthorNewEarthAI
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill provides a comprehensive security review for your project stack, identifying potential vulnerabilities and ensuring your application is secure.
Core Features & Use Cases
- Secure-by-Default Mode: Proactively writes secure patterns while coding.
- Passive Detection Mode: Flags HIGH-confidence findings while working on other tasks.
- Full Audit Mode: Conducts a complete 4-tier review with structured output.
- Automated Scanning: Runs hardcoded secrets, exposed service role keys, dangerous patterns, and external tools like gitleaks, npm audit, and semgrep.
- Pattern-Based Review: Searches for SQL injection, XSS, auth bypass, SSRF, IDOR, secrets exposure, RLS bypass, and file upload vulnerabilities.
- Data Flow Analysis: Traces input to sink and checks for sanitization/validation.
- Architecture Review: Verifies trust boundaries, API key taxonomy, and authentication patterns.
- Confidence Calibration: Flags findings with HIGH, MEDIUM, or LOW confidence based on criteria.
- Output Format: Provides a structured report with CRITICAL, HIGH, MEDIUM, and LOW severity findings.
Quick Start
Run a security review on this repo.
Dependency Matrix
Required Modules
gitleaksnpm auditsemgrep
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: master-security-review Download link: https://github.com/NewEarthAI/vibecode-project-template/archive/main.zip#master-security-review Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.