security-reviewer
security-reviewer (Codex Compatibility)
Use this skill after code changes that touch input handling, auth, APIs, data access, uploads, payments, or external integrations.
Routing Boundary
Use this skill when security is the main question:
- OWASP/security audit/security review
- secret leak, token exposure, unsafe logging
- auth bypass, authorization gaps, session/token handling
- injection, XSS, SSRF, unsafe file upload or command execution
Do not use this as the default owner for ordinary maintainability review. If security is only one item in a general PR review, code-reviewer can flag it, but explicit security-audit wording should route here.
Security Review Workflow
- Initial Scan
  - Locate auth, API endpoints, DB queries, file handling, and external calls.
  - Check for hardcoded secrets and unsafe config defaults.
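
One way to run the Initial Scan step over Python sources, as an added example that is not part of the skill itself. The rule patterns, the `initial_scan` function and the sample file are constructed for illustration and are not exhaustive.

```python
import re

# Illustrative rules (assumptions, not the skill's own): code to locate first.
LOCATE = {
    "auth": re.compile(r"\b(login|authenticate|jwt|session|password)\b", re.I),
    "db-query": re.compile(r"\b(execute|cursor|SELECT|INSERT|UPDATE|DELETE)\b"),
    "file-handling": re.compile(r"\b(open|send_file|save)\s*\("),
    "external-call": re.compile(r"\b(requests|urllib|httpx|subprocess)\.\w+"),
}
# Illustrative rules: things that are already findings at scan time.
FINDINGS = {
    # A secret-like name assigned a quoted literal of 8+ characters.
    "hardcoded-secret": re.compile(
        r"""\b\w*(secret|passw(or)?d|api_?key|token)\w*\s*[:=]\s*["'][^"']{8,}["']""",
        re.I),
    "unsafe-default": re.compile(r"\bDEBUG\s*=\s*True\b|\bverify\s*=\s*False\b"),
}

def initial_scan(path, source):
    """Return (surface, findings) as lists of (path, line number, tag)."""
    surface, findings = [], []
    for lineno, line in enumerate(source.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # skip blank lines and comments
        for tag, rx in LOCATE.items():
            if rx.search(line):
                surface.append((path, lineno, tag))
        for tag, rx in FINDINGS.items():
            if rx.search(line):
                findings.append((path, lineno, tag))
    return surface, findings

# Constructed sample input; the key and URL are fake.
SAMPLE = '''\
import os, requests
DEBUG = True
API_KEY = "sk_test_constructed_000"
DB_PASSWORD = os.environ["DB_PASSWORD"]

def login(user, password):
    cursor.execute("SELECT id FROM users WHERE name = '%s'" % user)
    return requests.get("https://auth.example.test/check", verify=False)
'''

if __name__ == "__main__":
    surface, findings = initial_scan("app.py", SAMPLE)
    for path, lineno, tag in findings + surface:
        print(f"{path}:{lineno}: {tag}")
```

The secret read from the environment on line 4 of the sample is not flagged, while the quoted literal on line 3 is; the `surface` list tells the reviewer which lines to read by hand next.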