security-sensitive-change-review
OfficialPrevent auth and secret risks before they ship.
Software Engineering#authorization#authentication#security review#secrets#migration safety#supabase rls#clerk middleware
AuthorCOCOSiL-inc
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Review changes that could accidentally weaken authentication, authorization, or exposure of secrets, and reduce the chance of unsafe migrations or risky deployments.
Core Features & Use Cases
- Secret and environment safety checks: Verifies that secrets are not exposed and that server-only environment variables are accessed via getServerEnv() rather than process.env in unsafe contexts.
- Auth/authz boundary validation: Confirms Clerk middleware routing changes do not broaden access unintentionally and that Supabase Row Level Security (RLS) policies cover all required actions.
- Data access and destructive operation safeguards: Assesses migration safety, deployment risk, and whether audit logging is preserved, with special attention to protected Layer2 prompt/data areas.
Quick Start
Use the security-sensitive-change-review skill to audit a proposed change to Supabase RLS policies, Clerk middleware routing, Next.js API routes, or database/deployment steps.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: security-sensitive-change-review Download link: https://github.com/COCOSiL-inc/COCOSiL_Analysis_V2/archive/main.zip#security-sensitive-change-review Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.