/review-security

Perform comprehensive security audit using code-review-agent and security-production-agent. Scan for OWASP Top 10 vulnerabilities: SQL injection, XSS, CSRF, insecure authentication, broken access control, security misconfiguration, sensitive data exposure, insufficient logging, insecure deserialization, and vulnerable dependencies. Check environment variable handling, API key exposure, HTTPS enforcement, security headers (CSP, HSTS, X-Frame-Options), input validation, output encoding, rate limiting, session management, and file upload restrictions. Run npm audit and analyze results. Check Azure/Railway security configurations. Provide prioritized findings with severity ratings, exploitation scenarios, and remediation steps. Include compliance gaps and recommendations for security hardening. Output actionable security improvements with specific code fixes.

Perform comprehensive security audit using code-review-agent and security-production-agent. Scan for OWASP Top 10 vulnerabilities: SQL injection, XSS, CSRF, insecure authentication, broken access control, security misconfiguration, sensitive data exposure, insufficient logging, insecure deserialization, and vulnerable dependencies. Check environment variable handling, API key exposure, HTTPS enforcement, security headers (CSP, HSTS, X-Frame-Options), input validation, output encoding, rate limiting, session management, and file upload restrictions. Run npm audit and analyze results. Check Azure/Railway security configurations. Provide prioritized findings with severity ratings, exploitation scenarios, and remediation steps. Include compliance gaps and recommendations for security hardening. Output actionable security improvements with specific code fixes.