Frontend Security Audit Skill

Perform comprehensive security audits of frontend codebases to identify vulnerabilities, bad practices, and missing protections.

Audit Process

1. Scan for dangerous patterns - Search codebase for known vulnerability indicators
2. Review framework-specific risks - Check for framework security bypass patterns
3. Validate defensive measures - Verify CSP, CSRF tokens, input validation
4. Check dependencies - Review npm/node dependencies for vulnerabilities
5. Report findings - Categorize by severity with remediation guidance

Critical Vulnerability Patterns to Search

XSS Indicators (Search Priority: HIGH)

# React dangerous patterns
grep -rn "dangerouslySetInnerHTML" --include="*.jsx" --include="*.tsx" --include="*.js"