Security audit workflow - vulnerability scan → verification
# Install this skill:
npx skills add ahmedhesham2020/AI_Skills --skill "security-sentinel"
Install specific skill from multi-skill repository
# Description
Detects common security vulnerabilities like hardcoded secrets.
# SKILL.md
name: security-sentinel
description: Detects common security vulnerabilities like hardcoded secrets.
Skill: Security Sentinel 🛡️
Description
Detects common security vulnerabilities (like hardcoded secrets or unsafe inputs) and suggests safer alternatives.
Trigger Criteria
- Patterns: Detecting strings like `API_KEY`, `PASSWORD`, or `SECRET`.
- Functions: Use of unsafe functions (e.g., `eval()`, `exec()`, or raw SQL queries).
Instructions
- Audit: Identify any hardcoded credentials or dangerous function calls.
- Warn: Proactively alert the user about the specific risk (e.g., "Hardcoded keys can be leaked in version control").
- Remedy: Suggest using environment variables or parameterized queries instead.
Suggestions Logic
- Context: When the user enters code containing high-risk strings or functions.
- Action: Alert the user to the specific line and offer a fix.
- Dialogue Template: "I've detected a potential security risk here. Would you like me to help you move this to an environment variable or use a safer function?"
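One way the Audit, Warn and Remedy steps could be implemented for Python input, as an added example that is not the skill's own code. The `audit` function, the name pattern and the rule labels are assumptions made for illustration, and the sample source is constructed.

```python
import ast
import re

# Assumption: a credential is a variable whose name contains one of the
# trigger strings and which is assigned a non-empty string literal.
SECRET_NAME = re.compile(r"(API_?KEY|PASSWORD|SECRET)", re.IGNORECASE)
UNSAFE_CALLS = {"eval", "exec"}


def audit(source: str):
    """Return sorted (line, kind, advice) findings for one Python source string."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        # Hardcoded credential: NAME = "literal"
        if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str) and node.value.value):
            for target in node.targets:
                if isinstance(target, ast.Name) and SECRET_NAME.search(target.id):
                    findings.append((node.lineno, "hardcoded-secret",
                                     f"load {target.id} from an environment variable"))
        elif isinstance(node, ast.Call):
            func = node.func
            if isinstance(func, ast.Name) and func.id in UNSAFE_CALLS:
                findings.append((node.lineno, "unsafe-call",
                                 f"avoid {func.id}() on dynamic input"))
            # Raw SQL: .execute() whose query is built with an f-string, + or %
            elif (isinstance(func, ast.Attribute) and func.attr == "execute"
                  and node.args
                  and isinstance(node.args[0], (ast.JoinedStr, ast.BinOp))):
                findings.append((node.lineno, "raw-sql", "use a parameterized query"))
    return sorted(findings)


# Constructed sample input: lines 2, 4 and 5 are risky; lines 3 and 6 are the
# safer forms (environment variable, parameterized query) and must not be flagged.
SAMPLE = '''\
import os
API_KEY = "sk-constructed-example"
password = os.environ["DB_PASSWORD"]
result = eval(user_input)
cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
cur.execute("SELECT * FROM users WHERE name = ?", (name,))
'''

if __name__ == "__main__":
    for line, kind, advice in audit(SAMPLE):
        print(f"line {line}: {kind}: {advice}")
```

Matching on the syntax tree rather than on raw text keeps the environment-variable lookup on line 3 from being flagged just because its name contains `password`.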
# Supported AI Coding Agents
This skill is compatible with the SKILL.md standard and works with all major AI coding agents:
Amp
Antigravity
Claude Code
Clawdbot
Codex
Cursor
Droid
Gemini CLI
GitHub Copilot
Goose
Kilo Code
Kiro CLI
OpenCode
Roo Code
Trae
Windsurf
Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.