Agent Skills
› franklioxygen/agent-workflows
› security-review
security-review
GitHub针对代码变更、PR或分支执行专注的安全审查,覆盖认证、授权、注入、密钥处理等风险。通过信号扫描与手动追踪定位问题,按严重度报告发现,适用于安全风险评估场景。
Trigger Scenarios
请求代码安全审查
进行威胁建模或攻击面分析
评估认证/权限逻辑安全性
检测敏感数据泄露或依赖风险
Install
npx skills add franklioxygen/agent-workflows --skill security-review -g -y
SKILL.md
Frontmatter
{
"name": "security-review",
"description": "Perform focused security reviews of code changes, pull requests, branches, or workspace diffs for authentication, authorization, input validation, injection, secrets handling, sensitive data exposure, dependency risk, insecure transport, and unsafe operational behavior. Use when Codex is asked for a security review, threat-focused code review, auth\/permission review, or security-risk assessment."
}
Security Review
Quick Start
- Use this skill as a focused review layer, not a replacement for normal correctness review.
- Run
scripts/security_signal_scan.py <path>when a repository or changed-file path is available. - Read references/security-review-checklist.md before finalizing findings.
- Follow shared safety, validation, and scope rules in ../_shared/references/skill-operating-rules.md.
- Stay read-only unless the user explicitly asks for fixes.
- Do not commit, push, deploy, rotate secrets, revoke keys, or run destructive commands without explicit permission.
Review Workflow
- Establish scope:
- Review target: PR, branch, workspace changes, or specific files.
- Comparison base, if reviewing a diff.
- Trust boundaries affected by the change.
- Security-sensitive domains touched: auth, permissions, secrets, payments, PII, file upload, network calls, command execution, database access, dependency upgrades, logging, or telemetry.
- Run signal scan:
python3 scripts/security_signal_scan.py /path/to/repo-or-file
- Manually trace high-risk flows:
- External input to sink: database query, shell command, HTML/template rendering, file path, network request, deserialization, logging, or redirect.
- Identity to authorization decision: authentication source, user/session lookup, role/permission check, tenant or ownership boundary.
- Secret creation to storage/use/logging.
- Sensitive data from storage to response, logs, analytics, or third-party calls.
- Report findings first, ordered by severity. Use this format:
### [Severity] Finding title
- Location:
- Problem:
- Why it matters:
- Attack or failure scenario:
- Recommended fix:
- Severity: Critical / Major / Minor / Nit
- If no findings are found, state that explicitly and list residual risks, skipped checks, and validation performed.
Severity Guidance
- Critical: Direct data exposure, authentication bypass, authorization bypass, credential leak, remote code execution, destructive data mutation, or exploitable injection.
- Major: Missing edge-case authorization, unsafe input handling with plausible exploit path, sensitive logs, insecure defaults, unsafe dependency upgrade, or tenant-boundary risk.
- Minor: Defense-in-depth gap, weak validation, incomplete audit trail, ambiguous security behavior, or low-likelihood exposure.
- Nit: Naming, comment, or structure issue with no meaningful security impact.
Coordination With Other Workflows
- Use
code-review-agent-workflow.mdfor broad review and this skill for focused security depth. - If the security review finds a bug, hand off to the bug-fix workflow after reporting the finding.
- If the review finds a design or policy decision gap, hand off to the feature workflow rather than inventing security policy.
Version History
- 063f52c Current 2026-07-05 20:14


