security-review-subagent
Official: Find security redlines before review
Tags: Software Engineering, pull request, security review, prompt injection, structured findings, untrusted input, Markdown report, capability creep
Author: razorpay
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
It helps teams catch security-shaped issues in a PR by running a bounded, fresh-context security review and returning structured findings the reviewer can act on.
Core Features & Use Cases
- Per-PR security judgement: Reviews the branch diff against a canonical six-check brief, with citations to file/line and a suggested fix.
- Deterministic subagent contract: Uses a fixed brief template with placeholders for branch/base to keep results consistent run-to-run.
- Coverage for common PR risk surfaces: Flags redlines, capability creep, untrusted-input misuse, output exposure, injection-vulnerable shapes, and unscoped capabilities.
Quick Start
Run the Claude Code skill by saying: "start the security review on this branch".
Dependency Matrix
Required Modules
None required
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: security-review-subagent
Download link: https://github.com/razorpay/ai-playbook/archive/main.zip#security-review-subagent
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.