dfyx-code-security-audit
Skill by ara.so — Security Skills collection.
Expert-level code security auditing using deep data flow analysis and business logic understanding. Supports 9 programming languages and 10 security dimensions (OWASP Top 10+), and uses a 5-phase standardized audit protocol based on real-world WooYun vulnerability cases.
What This Does
dfyx_code_security_review is a professional code security audit framework that:
- Analyzes source code using white-box static analysis methodology
- Detects vulnerabilities across 10 security dimensions (injection, authentication, authorization, deserialization, file operations, SSRF, cryptography, configuration, business logic, supply chain)
- Validates findings through taint tracking and attack chain construction
- Reports actionable security issues with PoC and remediation guidance
Supported Languages & Frameworks
Languages (9): Java, Python, Go, PHP, JavaScript/Node.js, C/C++, .NET/C#, Ruby, Rust