security-review
Security Review
Systematic security analysis of code changes.
Core Approach
"Assume the user is the attacker. Find where trust is misplaced."
Risk Classification
| Risk Level | Triggers |
|---|---|
| HIGH | Auth, crypto, external calls, value transfer, validation removal |
| MEDIUM | Business logic, state changes, new public APIs |
| LOW | Comments, tests, UI, logging |
Attack Surface Mapping
For each change, identify:
More from mcouthon/agents
makefile
Use when creating Makefiles for process lifecycle management with PID tracking, logging, and status monitoring. Triggers on: 'use makefile mode', 'makefile', 'create makefile', 'process management', 'background jobs', 'start/stop services'. Full access mode - can create/modify Makefiles.
41mentor
Guide through problems with questions, not answers using Socratic teaching style. Use when asked to teach, explain concepts through discovery, help learn, or guide understanding without giving direct solutions. Triggers on: 'use mentor mode', 'teach me', 'help me understand', 'guide me', 'mentor', 'I want to learn', 'explain by asking', 'Socratic', 'don't give me the answer'. Read-only mode - explores and guides but doesn't write code.
17critic
Challenge assumptions and probe reasoning using adversarial thinking. Use when asked to find weaknesses, challenge a design, identify edge cases, or stress-test an approach. Triggers on: 'use critic mode', 'challenge this', 'find weaknesses', 'what could go wrong', 'critic', 'devil's advocate', 'poke holes', 'stress test', 'what am I missing', '5 whys'. Read-only mode - questions and probes but doesn't provide solutions.
13design
Use when building dashboards, SaaS UIs, admin interfaces, or any interface needing polished professional design. Covers design direction, craft principles, and 9-phase implementation. Triggers on: 'use design mode', 'design system', 'design system upgrade'. Full access mode.
13tech-debt
Use when finding code smells, auditing TODOs, removing dead code, cleaning up unused imports, or assessing code quality. Triggers on: 'use tech-debt mode', 'tech debt', 'code smells', 'clean up', 'remove dead code', 'delete unused', 'simplify'. Full access mode - can modify files and run tests.
13deep-research
Exhaustive investigation with citations and structured findings. Use when thorough coverage is needed, all sources must be cited, or research will inform critical decisions. Triggers on: 'use deep-research mode', 'deep research', 'exhaustive investigation', 'thorough research', 'cite all sources', 'comprehensive analysis', 'leave no stone unturned', 'research everything'. Read-only mode - investigates and documents but doesn't modify code.
13