security-audit-standard

Installation
SKILL.md

Security Audit Standard

Methodology derived from production security audits.

Audit Process

Phase 1: Secret Scanning

Scan for hardcoded credentials in tracked source files.

Targets:
- API keys, tokens, passwords in source (not .env)
- Webhook URLs with tokens
- Database connection strings
- Private keys, certificates
- obfstr!() usage (Rust): still in binary, just obfuscated
Installs
4
GitHub Stars
4
First Seen
Jun 12, 2026
security-audit-standard — 0xmassi/claude-skills