Skills

commit-security-scan

Installation
SKILL.md

Commit Security Scan

Analyze code changes (commits, PRs, diffs) using LLM-powered reasoning to detect security vulnerabilities. This skill reads code directly and applies patterns from the repository's threat model to identify issues across all STRIDE categories.

When to Use This Skill

  • PR review - Automated security scan on pull requests
  • Pre-commit check - Scan staged changes before committing
  • Branch comparison - Review security of feature branch changes
  • Code review assistance - Help reviewers spot security issues

Prerequisites

This skill requires:

  1. Threat model - .factory/threat-model.md must exist
  2. Security config - .factory/security-config.json for severity thresholds

IMPORTANT: If these files don't exist, you MUST generate them first before proceeding with the security scan.

Installs
3
Repository
factory-ai/skills
GitHub Stars
2
First Seen
May 14, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykFail
commit-security-scan — factory-ai/skills