Security Check Skill

Use this skill when auditing code for security vulnerabilities or reviewing security-sensitive changes.

Security Review Questions

When reviewing security-sensitive code, ask:

1. What could go wrong? - Assume adversarial input.
2. What's the blast radius? - If this fails, what's exposed?
3. Is this the right layer? - Is security enforced at the right level?
4. Can this be bypassed? - Are there alternate paths to the resource?
5. Is this defense in depth? - Are there multiple layers of protection?

Common Vulnerability Patterns

Injection Attacks

SQL Injection