openharmony-security-review
OfficialFind OpenHarmony C++ security flaws fast
Software Engineering#security review#c++#ipc#openharmony#thread safety#pii redaction#permission validation
Authoropenharmonyinsight
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps you systematically identify security vulnerabilities in privileged OpenHarmony system service C++ code, especially where untrusted data enters through IPC or network interfaces.
Core Features & Use Cases
- IPC & Deserialization Safety: Verifies MessageParcel reads are checked and that post-deserialization validation prevents size/logic exploitation.
- Multithreading & Concurrency Hardening: Detects container thread-safety issues, iterator invalidation, deadlock risk, and TOCTOU patterns.
- Sensitive Data & Permission Validation: Flags PII/pointer/address leakage in logs and ensures privileged operations validate caller permissions.
Quick Start
Use openharmony-security-review to audit an xxxService.cpp and its corresponding xxxStub.cpp for IPC input handling, concurrency hazards, sensitive logging, and permission checks.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: openharmony-security-review Download link: https://github.com/openharmonyinsight/openharmony-skills/archive/main.zip#openharmony-security-review Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.