commit-security-scan
SKILL.md
Commit Security Scan
Analyze code changes (commits, PRs, diffs) using LLM-powered reasoning to detect security vulnerabilities. This skill reads code directly and applies patterns from the repository's threat model to identify issues across all STRIDE categories.
When to Use This Skill
- PR review - Automated security scan on pull requests
- Pre-commit check - Scan staged changes before committing
- Branch comparison - Review security of feature branch changes
- Code review assistance - Help reviewers spot security issues
Prerequisites
This skill requires:
- Threat model - .factory/threat-model.md must exist
- Security config - .factory/security-config.json for severity thresholds
IMPORTANT: If these files don't exist, you MUST generate them first before proceeding with the security scan.