security-audit
Security Audit Skill
This skill provides a comprehensive framework for security auditing, ensuring that common vulnerabilities are identified and addressed during development and review.
Audit Checklist
1. OWASP Top 10 & Common Vulnerabilities
- Injection: Check for SQL, Command, or NoSQL injection points. Ensure parameterized queries or proper escaping is used.
- Broken Access Control: Verify that users cannot access resources outside of their intended permissions.
- Insecure Design: Evaluate the overall architecture for security flaws.
- Cryptographic Failures: Ensure sensitive data (passwords, PII) is encrypted at rest and in transit using modern algorithms (e.g., AES-256, TLS 1.3).
2. Dependency Management
- Vulnerability Scanning: Check for known vulnerabilities in third-party libraries (e.g., using npm audit, pip-audit, or snyk).
- Outdated Packages: Identify and update significantly outdated dependencies.