From oh-my-claudecode
Runs security review on codebase checking OWASP Top 10, hardcoded secrets, injections, XSS, and npm dependencies. Outputs severity-rated report with locations and remediations.
npx claudepluginhub mazenyassergithub/oh-my-claudecode --plugin oh-my-claudecode
How this command is triggered — by the user, by Claude, or both
Slash command
/oh-my-claudecode:security-review
The summary Claude sees in its command listing — used to decide when to auto-load this command
# Security Review

[SECURITY REVIEW MODE ACTIVATED]

## Objective

Conduct a thorough security review of the specified code, checking for OWASP Top 10 vulnerabilities, hardcoded secrets, and unsafe patterns.

## What Gets Reviewed

- **Authentication/Authorization** - Verify proper access controls
- **Input Validation** - Check all user inputs are sanitized
- **Secrets Management** - Find hardcoded API keys, passwords, tokens
- **Injection Prevention** - SQL, NoSQL, command injection risks
- **XSS Prevention** - Cross-site scripting vulnerabilities
- **Dependency Security** - Vulnerable npm...
/audit: Performs security audit of codebase for dependency vulnerabilities, secrets, OWASP Top 10, input validation, auth issues, and misconfigs. Outputs findings report by severity with fixes and references.
/review-security: Conduct a comprehensive security code review examining OWASP Top 10, secure coding patterns, input validation, and cryptography.
/security: Conducts security reviews of apps, APIs, scripts, and configs using OWASP Top 10 best practices and threat modeling; detects vulnerabilities and suggests fixes.
/security-review: Performs CWE Top 25 security review and STRIDE threat modeling on files/directories at maximum effort. Supports git diff scans (--auto/--quick), dependency checks, and markdown/json reports.
/security-review: Analyzes security vulnerabilities in the codebase or specified scope and generates a prioritized improvement plan as markdown report in /reports.
[SECURITY REVIEW MODE ACTIVATED]
Conduct a thorough security review of the specified code, checking for OWASP Top 10 vulnerabilities, hardcoded secrets, and unsafe patterns.
This command delegates to the security-reviewer agent (Opus model) for deep security analysis.
The agent will:
npm audit for dependency vulnerabilities
A security review report with: