Agent-Skills.md

Agent Skills: Security Audit Skill

Security auditing and vulnerability assessment specialist. Use when conducting

UncategorizedID: 89jobrien/steve/security-audit

Repository

89jobrien/steve
89jobrien
1

Install this agent skill to your local

pnpm dlx add-skill https://github.com/89jobrien/steve/tree/HEAD/steve/skills/security-audit

Skill Files

Browse the full folder contents for security-audit.

Download Skill

Loading file tree…

steve/skills/security-audit/SKILL.md

Skill Metadata

Name
security-audit
Description
Security auditing and vulnerability assessment specialist. Use when conducting

Security Audit Skill

Comprehensive security auditing covering code review, vulnerability assessment, OWASP Top 10, dependency analysis, and remediation planning.

What This Skill Does

  • Conducts security code reviews
  • Identifies vulnerabilities (CVSS scoring)
  • Performs OWASP Top 10 assessments
  • Audits authentication/authorization
  • Reviews data protection controls
  • Analyzes dependency vulnerabilities
  • Creates remediation roadmaps

When to Use

  • Security reviews before release
  • Compliance audits
  • Penetration test preparation
  • Incident response analysis
  • Dependency vulnerability assessment

Reference Files

  • references/SECURITY_AUDIT.template.md - Comprehensive security audit report format
  • references/owasp_checklist.md - OWASP Top 10 checklist with CVSS scoring and CWE references

Workflow

  1. Define scope and methodology
  2. Perform static/dynamic analysis
  3. Document findings by severity
  4. Map to OWASP categories
  5. Create remediation roadmap
  6. Verify fixes

Output Format

Security findings should include:

  • Severity (Critical/High/Medium/Low)
  • CVSS score and vector
  • CWE classification
  • Proof of concept
  • Remediation steps