krt-security-sentinel
KRT Security Sentinel
KRT Security Sentinel protects the table from preventable security regressions. It can run as a focused review for one slice/work package or as a broader diagnostic pass over a repo/system.
Inside Compound Master it also supports Security Watch: a read-only incremental mode during work execution that records early risk notes and verification prompts, then takes formal action in the final security gate.
Default posture: defensive, evidence-based, non-invasive. Do not exploit, scan external targets, brute force, exfiltrate data, decode secrets, or run intrusive tooling unless the user explicitly authorizes a safe environment and scope.
Load References
- Load
references/security-rubric.mdbefore reviewing a slice, work package, repository, or system. - Load
references/compound-master-integration.mdwhen invoked by or for Compound Master. - Load
references/source-literature.mdwhen explaining the model or when the user asks what the review is based on.
Workflow
Step 1 - Set Scope
Classify the mission:
More from elzawarudo/krt
krt-compound-master
>
11krt-release-marshal
Orchestrate the full delivery flow for the current project repository: direct krt-gitflow-knight for clean commits, krt-rebase-smith for clean branch history, krt-jira-scribe for Jira Server/Data Center issue work, then open a GitHub pull request with a factual body and Jira link. Use when the user asks to create/open a PR, prepare a pull request, ship current work, publish branch changes for review, or run the full gitflow + rebase + Jira + PR workflow. Runtime aliases may expose this as krt:release-marshal.
10krt-gitflow-knight
>
10krt-rebase-smith
>
8krt-jira-scribe
Manages Jira Server/Data Center issues on a Spanish-language instance. Verifies existing global issues and subtasks, checks whether new work belongs under an existing parent, proposes Spanish issue/subtask creation when missing, handles active sprint placement, and manages Spanish transitions. Runtime aliases may expose this as krt:jira-scribe.
8krt-ci-questor
Investigate CI/CD failures and produce concise cause reports. Use when a user asks why a GitHub Actions, GitLab CI, CircleCI, Jenkins, or other pipeline failed; needs log triage, flaky-test assessment, runner/dependency/config diagnosis, failed-check summaries, rerun guidance, or a simple report explaining what happened and what to do next. Runtime aliases may expose this as krt:ci-questor.
7