review-security

Solid

Analyze code for security vulnerabilities, insecure patterns, and security regressions using strict determination criteria. References the project threat model when available. Returns structured findings without applying fixes. Use when the user asks to "review security", "check for security issues", "find vulnerabilities in my changes", "run a security review", "analyze my code for security", "security audit", or "security scan".

Code & Development 314 stars 25 forks Updated today MIT


Quality Score: 89/100

| Component | Weight | Score |
|---|---|---|
| Stars | 20% | 83 |
| Recency | 20% | 100 |
| Frontmatter | 20% | 70 |
| Documentation | 15% | 100 |
| Issue Health | 10% | 80 |
| License | 10% | 100 |
| Description | 5% | 100 |

Skill Content

# Review Security

Analyze code for security vulnerabilities, insecure patterns, and security regressions. Return structured findings.

## Step 1: Determine the Scope

Determine what to review:

- If a specific **diff command** was provided (e.g., `git diff --cached`, `git diff main...HEAD`), use that.
- If a **file list or directory** was provided, review those files directly (read the full files, not a diff).
- If **neither** was provided, default to diffing against the repository's default branch (detect via `gh repo view --json defaultBranchRef --jq '.defaultBranchRef.name'`).

## Step 2: Load Threat Model Context

Check if `.turbo/threat-model.md` exists at the repository root. If it does, read sections 2 (Trust Boundaries and Assumptions) and 3 (Attack Surface, Mitigations and Attacker Stories) to understand:

- **Assets** at risk and their trust boundaries
- **Attack surfaces** already identified, with their existing mitigations
- **Attacker stories** describing known threat scenarios

Use this context to prioritize findings. Changes that touch identified attack surfaces or weaken documented mitigations deserve heightened scrutiny. Changes that introduce new trust boundary crossings not covered by the threat model are especially important to flag.

If no threat model exists, proceed without it. Do not create one.

## Step 3: Review

1. For diff scope: run the diff command to obtain the changes. For file scope: read the specified files.
2. For each file, read enough sur...

Details

- Author: tobihagemann
- Repository: tobihagemann/turbo
- Created: 2 months ago
- Last Updated: today
- Language: Python
- License: MIT
