Agent Skills: security-review

Security vulnerability assessment identifying OWASP risks, injection vectors, authentication issues, and data exposure with severity classification.

UncategorizedID: a5c-ai/babysitter/security-review

Install this agent skill to your local

pnpm dlx add-skill https://github.com/a5c-ai/babysitter/tree/HEAD/library/methodologies/rpikit/skills/security-review

Skill Files

Browse the full folder contents for security-review.

Download Skill

Loading file tree…

library/methodologies/rpikit/skills/security-review/SKILL.md

Skill Metadata

Name
security-review
Description
Security vulnerability assessment identifying OWASP risks, injection vectors, authentication issues, and data exposure with severity classification.
  • Before any code merge involving user-facing changes
  • As part of the /review-security command
  • Mandatory for high-stakes implementations

Process

  1. Identify modified files with security relevance
  2. Scan for common vulnerability patterns
  3. Assess authentication and authorization changes
  4. Check for data exposure risks
  5. Evaluate dependency security
  6. Classify severity and provide recommendations

Severity Levels

  • Critical: Immediate exploitation risk
  • High: Significant vulnerability requiring fix before merge
  • Medium: Vulnerability that should be addressed soon
  • Low: Minor security improvement opportunity

Key Rules

  • Security review failure halts implementation
  • All findings must include file paths and line numbers
  • Provide actionable remediation steps
  • Reference OWASP categories where applicable

Tool Use

Invoke via babysitter process: methodologies/rpikit/rpikit-review