security-audit
/security-audit — Deep Security Audit
Thorough security audit using 3-4 parallel agents, each focused on a specific security domain. More comprehensive than the security reviewer in /engineer-review — use this for pre-launch audits or when security is the primary concern.
When to Use
- Pre-launch security review
- User says "security audit", "check for vulnerabilities"
- After significant auth/data changes
- Periodic codebase security check
Process
Step 1: Scope the Audit
Determine what to audit:
- If
$ARGUMENTSspecifies files or features: scope to those - If no arguments: audit the entire codebase
More from elliottrjacobs/bench-skills
product-prd
Write product requirements documents from feature ideas or brainstorm output. Use when the user says "write a PRD", "product requirements", "feature spec", or needs to formalize a product concept into a structured document.
17product-tech-spec
Write technical specifications bridging product requirements and implementation. Use when the user says "tech spec", "technical spec", "architecture doc", "system design", or after writing a PRD and before planning implementation.
11product-naming
Expert naming process for products, companies, and features based on David Placek's methodology. Use when the user says "name this", "brainstorm names", "naming process", or needs to find a name for a product, feature, company, or project.
10knowledge-compound
Document solutions, decisions, and learnings into a searchable knowledge base. Use when the user says "document this", "compound this", "save this solution", "capture this", or after completing significant work that uncovered reusable knowledge.
8engineer-review
Comprehensive multi-agent code review with parallel specialist reviewers. Use when the user says "review this", "code review", "review my PR", provides a PR number or branch, or after completing a /engineer-work cycle.
8product-brainstorm
Guided requirements exploration through structured dialogue. Use when the user says "brainstorm", "explore this idea", "help me think through", or when requirements are fuzzy and need clarification before writing specs.
8