Security Audit

When to Use

• Working with any code that handles user input, authentication, or authorization
• Adding or updating dependencies
• Reviewing infrastructure-as-code (Terraform, Ansible, Docker, CloudFormation)
• Before claiming security posture is adequate
• When conversation mentions: security, vulnerability, CVE, OWASP, secrets, hardening

Natural Language Triggers

• "security check", "is this secure", "vulnerability scan", "audit security", "check for secrets"