Performing Security Code Review

Overview

Conducts security-focused code reviews by scanning source files for common vulnerability patterns including SQL injection, XSS, authentication flaws, insecure dependencies, and secret exposure. Produces structured severity-rated reports with specific remediation guidance.

Prerequisites

Read access to all source files in the target project
grep available on PATH for pattern matching
Access to package.json or equivalent dependency manifest for dependency auditing
Familiarity with OWASP Top 10 vulnerability categories

Instructions

Identify the scope of the review: specific files, directories, or the entire codebase. Confirm the primary language(s) and framework(s) in use.
Scan for hardcoded secrets and credentials:
- Search for patterns matching API keys, tokens, passwords, AWS access keys (AKIA...), and private key headers (BEGIN PRIVATE KEY).
- Flag any .env files or configuration files containing plaintext secrets.
Analyze code for injection vulnerabilities:

Related skills

More from jeremylongshore/claude-code-plugins-plus-skills

Installs

Repository

jeremylongshore…s-skills

GitHub Stars

2.2K

First Seen

Feb 1, 2026

Security Audits

Gen Agent Trust HubPass

SocketPass

SnykFail

performing-security-code-review

Performing Security Code Review

Overview

Prerequisites

Instructions

More from jeremylongshore/claude-code-plugins-plus-skills

backtesting-trading-strategies

mindmap-generator

svg-icon-generator

performance-lighthouse-runner

tracking-crypto-prices

d2-diagram-creator