security-watch
Installation
SKILL.md
Security Watch Mode
When activated, scans every file write for common security anti-patterns and blocks dangerous code from being committed.
What It Does
Flags or blocks writes containing:
- Secrets: API keys, passwords, tokens, private keys in source code
- Dangerous functions:
eval(),Function(),innerHTML,dangerouslySetInnerHTML - Injection vectors: Unsanitized template literals in SQL/shell commands
- Insecure config:
http://URLs, disabled TLS verification,*CORS origins
Activation
/security-watch