verify-security

Solid

Verify code for security issues including hardcoded secrets, input validation, error exposure, and dependency vulnerabilities. Use when asked to "verify security", "check for secrets", or "scan for vulnerabilities".

Code & Development 39 stars 5 forks Updated 4 days ago MIT

Quality Score: 86/100

- Stars 20%: 53
- Recency 20%: 100
- Frontmatter 20%: 70
- Documentation 15%: 100
- Issue Health 10%: 80
- License 10%: 100
- Description 5%: 100

Skill Content

# Security Verification

## Purpose

Verify code for security anti-patterns and vulnerabilities. All analysis happens locally—code never leaves your machine.

## When to Use

Trigger this skill when the user asks to:

- "verify agent security"
- "verify security"
- "check for secrets"
- "scan for vulnerabilities"
- "security audit"

> **Note:** For full verification including patterns, quality, and language-specific checks, tell the user to say **"verify agent"**.

## Process

### Step 1: Discover Files

Locate files to analyze:

**Configuration files:**

- `package.json`, `pyproject.toml`, `Cargo.toml` - Dependencies
- `.env`, `.env.example`, `.env.local` - Environment files
- `config.py`, `settings.py`, `config.ts` - Configuration

**Source files:**

- `*.py`, `*.ts`, `*.js`, `*.go`, `*.rs` - Source code
- Prioritize files with: `auth`, `api`, `client`, `secret`, `config` in name

**Exclude:**

- `node_modules/`, `.venv/`, `venv/`, `__pycache__/`
- `*.test.*`, `*.spec.*`, `*_test.go`

### Step 2: Run Security Checks

#### Check Tiers

- **`[PATTERN]`** — Mechanical check. Apply exactly as written.
- **`[HEURISTIC]`** — Judgment required. Mark findings clearly.

Tag every finding with `[P]` for pattern or `[H]` for heuristic.

---

#### 2.1 `[PATTERN]` Hardcoded Secrets

Scan for assignments matching these patterns (case-insensitive):

| Variable pattern | Fail condition |
|------------------|----------------|
| `API_KEY` | Assigned to string literal |
| `SECRET` | Assigned to s...
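
An added example, not code from the Aurite-ai skill: a Python implementation of Step 1's file selection and of the `API_KEY` row of check 2.1, the only row whose fail condition is fully visible in this excerpt. The regex, the function names and the sample tree are assumptions constructed for illustration.

```python
import re
from fnmatch import fnmatchcase
from pathlib import PurePosixPath

# Lists copied from Step 1 of the skill text.
CONFIG_NAMES = {"package.json", "pyproject.toml", "Cargo.toml", ".env",
                ".env.example", ".env.local", "config.py", "settings.py", "config.ts"}
SOURCE_GLOBS = ("*.py", "*.ts", "*.js", "*.go", "*.rs")
EXCLUDE_DIRS = {"node_modules", ".venv", "venv", "__pycache__"}
EXCLUDE_GLOBS = ("*.test.*", "*.spec.*", "*_test.go")
PRIORITY = ("auth", "api", "client", "secret", "config")

# Assumed reading of the API_KEY row: a name containing "api_key" (any case),
# then =, := or :, then an opening quote. Lookups and comparisons do not match.
API_KEY_LITERAL = re.compile(r"""\b(\w*api_key\w*)\s*(?::=|=|:)\s*["']""", re.I)

def discover(paths):
    """Apply the include/exclude rules; prioritized file names sort first."""
    kept = []
    for p in paths:
        path = PurePosixPath(p)
        if EXCLUDE_DIRS & set(path.parts[:-1]):
            continue
        if any(fnmatchcase(path.name, g) for g in EXCLUDE_GLOBS):
            continue
        if path.name in CONFIG_NAMES or any(fnmatchcase(path.name, g) for g in SOURCE_GLOBS):
            kept.append(p)
    low = lambda p: not any(w in PurePosixPath(p).name.lower() for w in PRIORITY)
    return sorted(kept, key=lambda p: (low(p), p))

def check_api_key(path, text):
    """Return [P] findings with file, line and variable name, never the value."""
    return [f"[P] {path}:{n} {m.group(1)} assigned to string literal"
            for n, line in enumerate(text.splitlines(), 1)
            if (m := API_KEY_LITERAL.search(line))]

# Constructed sample tree (path -> file content); every value is made up.
SAMPLE_TREE = {
    "src/main.py": 'import os\nAPI_KEY = os.environ["API_KEY"]\n',
    "src/api_client.py": 'TIMEOUT = 5\nOPENAI_API_KEY = "constructed-not-a-real-key"\n',
    "src/api_client.test.ts": 'const api_key = "fixture";\n',
    "node_modules/pkg/index.js": 'var API_KEY = "vendored";\n',
    "README.md": 'API_KEY = "docs"\n',
}

def scan(tree):
    return [f for p in discover(tree) for f in check_api_key(p, tree[p])]

if __name__ == "__main__":
    print("\n".join(scan(SAMPLE_TREE)))
```

The environment lookup in `src/main.py` passes, and the test file and vendored module are never read because Step 1 excludes them.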

Details

- Author: Aurite-ai
- Repository: Aurite-ai/agent-verifier
- Created: 2 months ago
- Last Updated: 4 days ago
- Language: N/A
- License: MIT
