Skills

wxmini-security-audit

Installation
SKILL.md

wxmini-security-audit

Skill by ara.so — Security Skills collection.

Automated security auditing framework for WeChat mini-programs using Claude Code Agent Teams. Orchestrates 7 specialized agents to perform comprehensive static analysis covering sensitive information leakage, API endpoint extraction, cryptographic analysis, and vulnerability detection across seven security dimensions.

What It Does

  • Multi-Agent Orchestration: Coordinates 7 specialized agents (decompiler, secret scanner, endpoint miner, crypto analyzer, vulnerability analyzer, custom analyzer, reporter)
  • Dual-Layer Architecture: Python regex scripts ensure 100% rule coverage, LLM agents provide intelligent analysis with context awareness
  • Parallel Phase 2 Execution: Runs 4 analysis agents simultaneously to minimize audit time
  • User Intent Parsing: Automatically triggers deep custom analysis when specific endpoints/parameters are mentioned
  • Pure Static Analysis: Zero network requests, no attack code generation, fully local processing
  • Comprehensive Reporting: Generates both summary reports and detailed documentation with structured data exports

Architecture

The framework operates in sequential phases:

Installs
566
Repository
aradotso/security-skills
GitHub Stars
1
First Seen
May 17, 2026
Security Audits
Gen Agent Trust HubFail
SocketWarn
SnykFail
wxmini-security-audit — aradotso/security-skills