security-audit

Solid

Security scanning and vulnerability detection. Use when: authentication, authorization, payment processing, user data. Skip when: read-only operations, internal tooling.

AI & Automation 56,717 stars 6459 forks Updated today MIT

Install

View on GitHub

Quality Score: 91/100

Stars 20%

100

Recency 20%

100

Frontmatter 20%

Documentation 15%

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# Security Audit Skill ## Purpose Security scanning and vulnerability detection. ## When to Trigger - authentication - authorization - payment processing - user data ## When to Skip - read-only operations - internal tooling ## Commands ### Full Security Scan Run comprehensive security analysis ```bash npx @claude-flow/cli security scan --depth full ``` ### Input Validation Check Check for input validation issues ```bash npx @claude-flow/cli security scan --check input-validation ``` ## Best Practices 1. Check memory for existing patterns before starting 2. Use hierarchical topology for coordination 3. Store successful patterns after completion 4. Document any new learnings

Details

Author: ruvnet
Repository: ruvnet/ruflo
Created: 12 months ago
Last Updated: today
Language: TypeScript
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

security-audit

Audit code and dependencies for security vulnerabilities. Use when reviewing PRs, checking dependencies, preparing for deployment, or when user mentions security, vulnerabilities, or audit.

0 Updated today

israel7852

AI & Automation Solid

skill-security-auditor

Security auditing for code, configs, and infrastructure. Use when the user wants to audit or improve security: scan for vulnerabilities (SQL injection, XSS, command injection, path traversal), detect hardcoded secrets and credentials, review auth and authorization, check dependencies for known CVEs, audit config files for insecure defaults, or generate security reports. Trigger on "security audit", "vulnerability scan", "code review for security", "find secrets", "check for vulnerabilities", "OWASP", "CVE", or questions about code security.

14,162 Updated yesterday

eigent-ai

AI & Automation Listed

security-sentinel

Performs security audits, vulnerability assessments, SSL/TLS hardening, DNSSEC configuration, and compliance checks. Covers OWASP Top 10, CIS Benchmarks, email security (SPF/DKIM/DMARC), and network reconnaissance. Use this skill when the user asks for a security audit, vulnerability scan, penetration test, SSL hardening, DNSSEC setup, compliance check, or security posture assessment. Also triggers on "is my site secure," "check for vulnerabilities," "harden my server," "audit my domain," "set up DNSSEC," or any request involving security assessment — even vague ones like "I'm worried about my site's security."

1 Updated 2 days ago

mturac

AI & Automation Listed

security-audit

Detect common security vulnerabilities in code. Covers OWASP patterns, SQL injection, bare excepts, shell injection. Framework-agnostic.

335 Updated today

aiskillstore

Data & Documents Listed

security-audit

Deep adversarial security audit engine for full-stack web applications. Use this skill when the user wants to audit a codebase for security vulnerabilities, broken access control, injection risks, authentication weaknesses, payment security, file upload exploits, IDOR, CSRF, SSRF, RLS bypass, business logic abuse, rate limiting gaps, or deployment security issues. Trigger whenever the user says "audit my security", "find vulnerabilities", "pen test my app", "is this secure", "check for IDOR", "harden my auth", "review my payment flow for exploits", "can someone bypass this", "what can an attacker do", or shares code and asks about security, exploits, or hardening. Also trigger proactively when reviewing any app that handles auth, payments, file uploads, admin routes, or user-generated content — even if the user doesn't use the word "security".

2 Updated today

Heet-P