Agent Skills
› davepoon/buildwithclaude
› security-audit
security-audit
GitHub调用Centinela代理执行深度安全审计,覆盖OWASP Top 10、密钥扫描及依赖漏洞。适用于发布前、重大变更或新增依赖场景。生成报告并移交修复建议,不自动修复。
Trigger Scenarios
发布前验证安全状态
涉及认证或数据处理代码的重大变更后
定期代码库安全审查
添加新依赖或外部集成时
Install
npx skills add davepoon/buildwithclaude --skill security-audit -g -y
SKILL.md
Frontmatter
{
"name": "security-audit",
"category": "quality-security",
"description": "Deep security audit covering OWASP Top 10, authentication, authorization, data protection, dependency vulnerabilities, and secrets scanning. Delegates to the Centinela (QA) agent."
}
Security Audit
Performs a deep security audit using the Centinela (QA) agent.
When to Use This Skill
- Before a release to verify security posture
- After significant code changes that touch authentication, authorization, or data handling
- Periodic security review of the codebase
- When adding new dependencies or external integrations
What This Skill Does
- Runs the SIGN IN checklist
- Performs OWASP Top 10 systematic check (A01-A10)
- Scans for hardcoded secrets, API keys, tokens, and connection strings
- Audits dependencies for known CVEs
- Checks smart contracts if Solidity is present (reentrancy, overflow, access control)
- Runs Security Verification and Quality Verification checklists (TIME OUT)
- Issues verdict and writes report to
docs/reviews/security-audit-{date}.md - Prepares findings handoff to Dev agent
How to Use
Basic Usage
/security-audit
Scoped Audit
/security-audit src/auth/ src/api/
Example
User: /security-audit src/payments/
Output: A security audit report at docs/reviews/security-audit-2026-02-23.md with:
- OWASP Top 10 findings organized by severity
- Secrets scan results
- Dependency vulnerability report
- Verdict: APPROVED or CHANGES REQUIRED
- Fix order recommendation for the Dev agent
Tips
- If no scope is specified, the entire
src/directory is audited - Critical findings trigger the Non-Normal emergency checklist
- The agent will never attempt to fix vulnerabilities — only document them
Version History
- 502fc01 Current 2026-07-05 15:01


