security
CMS Security Audit
Audit CMS projects for OWASP Top 10 vulnerabilities, CMS-specific security issues, and dependency CVEs.
Usage
/plugin-cms-toolkit:security # Full audit (code + deps + config)
/plugin-cms-toolkit:security code # Source code analysis only
/plugin-cms-toolkit:security deps # Dependency vulnerability scan only
/plugin-cms-toolkit:security config # Configuration security review only
Workflow
1. Detect CMS and Gather Context
Determine the CMS platform, then identify:
.csprojfiles → NuGet package versions
More from twofoldtech-dakota/plugin-cms-toolkit
optimizely
Optimizely CMS 12 and CMS SaaS expertise. Provides best practices for content types, blocks, pages, Visual Builder, Graph API, REST API, experimentation integration, and .NET/headless development patterns. Auto-invoked when working in Optimizely projects.
2scaffold
Scaffolds CMS components, content types, controllers, and page types for Sitecore, Umbraco, or Optimizely. Detects the CMS platform automatically and generates platform-specific code. Usage - /plugin-cms-toolkit:scaffold component HeroBlock
1a11y
>
1sitecore
Sitecore XM Cloud and XP/XM expertise. Provides best practices for content modeling, component development, serialization, headless architecture with Content SDK, and SXA patterns. Auto-invoked when working in Sitecore projects.
1umbraco
Umbraco CMS v14-17 expertise. Provides best practices for document types, compositions, property editors, Content Delivery API, Management API, Bellissima backoffice extensions, and .NET development patterns. Auto-invoked when working in Umbraco projects.
1cms-detect
Auto-detects the CMS platform (Sitecore, Umbraco, or Optimizely) in the current project by scanning project files, dependencies, and configuration. Invoked automatically when working in a CMS project.
1