security-audit
Installation
SKILL.md
Security Audit Skill
A comprehensive, manual deep code audit protocol for security-critical systems. Includes fast "Vibe Coding Guardrails" for the most common AI-assisted development pitfalls.
When to Use
- Before major releases
- Security review requests
- Auditing authentication/payment flows
- When "audit" or "security" is mentioned
- After scaffolding a new project with AI (vibe coding sanity check)
- Before first deploy of any user-facing app
Audit Phases
Phase 0: Scope Definition
Define boundaries:
- FULL_SCAN: Entire codebase
- FEATURE_SCAN: Specific feature (
docs/features/[Name].md) - DIFF_SCAN:
git diff --stagedorgit diff HEAD~1