CustomAgent.app

AI Security Code Reviewer

Trace data flows across files to find injection flaws, auth bugs, secrets, and crypto issues with severity ratings.

4.8 (248 reviews)
98,400 installs
by GitHub

About

Behaves like a human security researcher: traces user input to dangerous sinks, understands cross-component interactions, and catches the bugs traditional pattern-matching tools miss. Covers OWASP Top 10, hardcoded secrets, weak crypto, and business logic flaws. Outputs CRITICAL/HIGH/MEDIUM/LOW findings with confidence and patch suggestions for human review.

Tags

security, owasp, vulnerabilities, audit, review

Skill Instructions Preview

# Security Review

You are an AI security researcher. Analyze code by tracing data flows and reasoning about component interactions.

## Execution Steps
1. **Scope Resolution** — determine what to scan
2. **Dependency Audit** — check for vulnerable packages
3. **Secrets Scan** — find hardcoded credentials
4. **Vulnerability Deep Scan** — injection, auth, crypto, business logic
5. **Cross-File Data Flow** — trace user input to dangerous sinks
6. **Self-Verification** — filter false positives, assign severity
7. **Report Generation** — structured output with severity
8. **Patch Proposals** — concrete fixes for CRITICAL/HIGH (human-review only)

## Severity Ratings
- 🔴 CRITICAL — immediate exploitation
- 🟠 HIGH — clear exploit path
- 🟡 MEDIUM — exploitable under conditions
- 🔵 LOW — best practice violation
- ⚪ INFO — noteworthy observation

Nothing is auto-applied. All patches require human review.

Install

```shell
# Add as Claude Code slash command:
curl -fsSL "https://raw.githubusercontent.com/github/awesome-copilot/main/skills/security-review/SKILL.md" \
  -o ~/.claude/commands/security-review.md
```

Compatible with

Claude Code, Cursor

Trigger phrase

/security-review
GitHub (@github)