speckit-security-review-staged
Community
Spot security issues in staged diffs fast.
Software Engineering
#OWASP, #security review, #vulnerability analysis, #git diff, #secrets detection, #authz, #staged diff
Author: B0yZ4kr14
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
It helps you focus a security review on exactly what is going to be committed, reducing noise from unrelated parts of the codebase and making security checks faster and more actionable.
Core Features & Use Cases
- Staged-only security review: Reviews only changes in the git index (cached/staged) instead of the entire repository.
- Change-driven scope detection: Detects changed files via Spec-Kit’s workflow scripts to determine the audit set.
- Security domain coverage: Evaluates diffs for injection risks, hardcoded secrets/credentials, auth/access-control gaps, insecure crypto, misconfiguration, validation failures, and dependency/supply-chain concerns.
- Spec-Kit compatible reporting: Produces findings with severity, location, OWASP category, CWE IDs, CVSS guidance, and remediation backlogs.
Quick Start
Run the staged security review for your current commit scope so the AI audits only what you are about to commit.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: speckit-security-review-staged
Download link: https://github.com/B0yZ4kr14/OrthoPlus-Enterprise/archive/main.zip#speckit-security-review-staged
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.