security-audit
Installation
SKILL.md
Security Audit
Perform a security audit of the backend codebase, focusing on vulnerabilities that could be exploited by external attackers. Check every category below systematically.
Audit Categories
1. SQL & Query Performance (DoS via slow queries)
Scan all files in src/query-builders/ and any raw SQL in src/controllers/ or src/utils/.
For each query, check:
- CTE materialization: Does any
ORDER BYon a CTE wrapper force full materialization beforeLIMITis applied? PostgreSQL must fully materialize and sort before it can limit, turning a lazy evaluation into a full scan. - Missing LIMIT: Are there queries that return unbounded results? An attacker who controls data volume (e.g., pushing keys to a Stellar contract) can force massive result sets.
- Recursive CTEs without termination guards: Could a recursive query run indefinitely or for an attacker-controlled number of iterations?
- Sequential scalar subqueries: Does the query pattern cause N+1-style execution where N is attacker-controlled?
- Missing indexes: Are WHERE/ORDER BY clauses hitting columns without indexes? Check against the Prisma schema.
For each issue found, explain: