dev-security-audit
Developer Workstation Security Audit
A systematic, multi-phase security audit for developer workstations. Checks for supply chain compromise indicators (via case-based IoC library at references/cases/), scans for exposed credentials across 20+ categories, and generates a prioritized remediation plan.
When to Use
- User suspects their machine was compromised
- User wants to check for exposed secrets/credentials
- User heard about a supply chain attack and wants to check if affected
- User wants a general security audit of their dev environment
- Post-incident response: credential rotation planning
When NOT to Use
- Code-level security review (use
/codex-securityor/security-review) - Dependency vulnerability audit (use
/dep-audit) - OWASP Top 10 web app audit (use
/codex-security) - Runtime application security testing
More from sd0xdev/sd0x-dev-flow
statusline-config
Customize Claude Code statusline. Use when: user says 'statusline', 'status line', 'customize statusline', 'modify statusline', 'statusline settings', 'statusline theme', 'change theme', 'color scheme', wants to add/remove/change segments (cost, git, model, context), switch color themes (catppuccin, dracula, nord), or asks what can be shown in the statusline.
53tech-spec
Tech spec generation and review. Use when: designing features, writing specs, spec review. Not for: requirements analysis (use req-analyze), implementation (use feature-dev), architecture advice (use codex-architect). Output: numbered tech spec document.
47codex-brainstorm
Adversarial brainstorming via Claude+Codex debate. Use when: exploring solutions, feasibility analysis, exhaustive enumeration. Not for: implementation (use feature-dev), architecture only (use codex-architect). Output: Nash equilibrium consensus + action items.
7security-review
Security review via Codex MCP. Use when: OWASP Top 10 audit, dependency vulnerability check, security-sensitive changes. Not for: code review (use codex-code-review), test review (use test-review). Output: security findings + audit report.
7test-review
Test coverage review via Codex MCP. Use when: reviewing test sufficiency, identifying coverage gaps, test quality audit. Not for: generating tests (use codex-test-gen), code review (use codex-code-review). Output: coverage analysis + gap report.
7codex-code-review
Code review using Codex MCP. Use when: PR review, code audit, second opinion on changes. Not for: doc review (use doc-review), security audit (use security-review). Output: severity-grouped findings + merge gate.
7