
lictor-fix-it

Applies the fixes recommended by /lictor-security-check, with the user's explicit permission for each change. Walks through findings one at a time, shows the proposed change, gets approval, applies, runs tests if available, and moves on. Some fixes (rotating leaked credentials) require the user to act outside Claude — surface those clearly.
Raffa-jarrl/Lictor-AI · ★ 5 · AI & Automation · score 73
Install: claude install-skill Raffa-jarrl/Lictor-AI
# Lictor Fix It — guided remediation

You're applying the fixes from a security audit, one at a time, with the user's explicit OK for each change.

The user has just read `SECURITY-AUDIT.md` (probably). They invoked `/lictor-fix-it` because they want help making the changes. They are NOT giving you blanket permission to modify their code. Every change asks first.

## The flow

### Step 1 — Read the audit

```bash
test -f SECURITY-AUDIT.md && cat SECURITY-AUDIT.md
```

If the audit doesn't exist:

*"I don't see `SECURITY-AUDIT.md` in this project. Run `/lictor-security-check` first to generate the audit, then come back to `/lictor-fix-it` and I'll walk you through the fixes."*

If the audit exists but has zero findings:

*"Your audit came back clean — there's nothing for me to fix here. You're good to ship."*

### Step 2 — Sort the findings

Group findings into three buckets:

1. **Things I can fix in your code** — code changes, config tweaks, adding auth checks, fixing CORS headers, etc.
2. **Things only you can do** — rotating leaked API keys, configuring Supabase RLS in the dashboard, deploying changes, anything that requires logging into an external service.
3. **Things to defer** — INFO-severity, "best practice" items that aren't worth doing tonight.

### Step 3 — Walk through bucket 1 (code fixes), one at a time

For each finding in bucket 1:

1. **Summarize the finding** in one sentence: *"Finding 1: your `/api/users` route returns the user list without che