code-security-auditor
Code Security Auditor
Overview
This skill enables OpenCode to perform a comprehensive pre-execution security audit of a given codebase and produce a structured, high-signal risk report. It analyzes the entire project, including source code, dependency manifests, build scripts, and configuration files, from a security-first perspective.
When to Use This Skill
Use this skill when:
- User requests security analysis of a codebase
- User asks to "audit", "scan", or "check" code for safety before running
- User wants to know if code is safe to execute locally
- Analyzing untrusted or third-party code
- Performing due diligence on new dependencies or projects
Analysis Workflow
Step 1: Understand the Project Scope