Security Review
OWASP Top 10 walk against the codebase with concrete proof-of-concept exploits per finding.
Overview
Walks OWASP Top 10 against the codebase in /work via shell_read + grep + targeted endpoint probes. For every finding, builds a CONCRETE proof-of-concept (the curl command, the payload, the exact line in the code) — vague 'might be vulnerable to XSS' is forbidden. Proposes the minimum patch per finding (minimal-patch discipline).
When to use this
- user wants a security review of their code
- user says 'security audit' / 'check this for vulnerabilities' / 'OWASP review'
- user is shipping to production and wants a pre-launch security check
When NOT to use this
- user wants a LIVE site audited (not source) → use website-audit with focus=security
- user wants to fix one specific vuln → use minimal-patch directly
Example prompts
Inputs and output
Inputs
| Field | Description |
|---|---|
scope | path or glob to audit (default /work) |
Output
Per-finding report: file:line, severity, PoC, proposed minimal patch.
Runtime profile
What the engine commits when this skill runs.
| Property | Value | Meaning |
|---|---|---|
| Model tier | sonnet | The balanced default model class. Trades quality against cost for the vast majority of skill runs. |
| Cost class | standard | The balanced default model. Right for most skills. |
| Turn budget | 12 | Hard cap on tool-calling iterations before the engine forces a final answer. |
| Execution | synchronous | Runs inside the live turn; result lands in the same response. |
Under the hood
Tools the engine exposes to this skill and integrations it needs.
| Resource | Kind |
|---|---|
shell_exec | tool |
shell_read | tool |
Tags: engineering, security, audit
Execution template
Shell tools dispatch via a command template. The model substitutes user inputs into the placeholders before firing the underlying tool.
Invoking this from an agent
Three paths reach this skill. From the chat UI, a user can type the persona slash command followed by a natural request and the discovery step resolves to this skill automatically. From the MCP server, fetch the skill detail with get_skill({id: "security-review"}) and then invoke it through the agent runtime once the authenticated tier ships. From your own code, hit /docs/skills/security-review/llm.txt for the token-efficient markdown body and feed it to your model directly.
Accept: text/markdown. The full machine-readable catalog lives at /.well-known/agent-skills/index.json.