From mk
Runs a comprehensive security audit across all detected platforms, scanning for hardcoded secrets, type safety issues, and framework-specific vulnerabilities. Generates a severity-classified report.
How this command is triggered — by the user, by Claude, or both
Slash command
/mk:audit
mk/
The summary Claude sees in its command listing — used to decide when to auto-load this command
# /audit — Full Security Audit ## Usage ## Behavior Runs a comprehensive security audit using `mk:review` (structural) + `mk:cso` (infrastructure) skills across all platforms detected in the project. Generates a security report. ### Execution Steps 1. **Detect platforms.** Scan the project to identify which platforms/frameworks are in use (e.g., NestJS, Vue, Swift/iOS, Supabase, PostgreSQL). 2. **Run `mk:cso` security audit** for each detected platform. Check for all blocked patterns defined in `rules/security-rules.md`: - Hardcoded secrets (API keys, passwords, tokens, JWT secre...
/audit [optional: specific directory or file]
Runs a comprehensive security audit using mk:review (structural) + mk:cso (infrastructure) skills across all platforms detected in the project. Generates a security report.
Detect platforms. Scan the project to identify which platforms/frameworks are in use (e.g., NestJS, Vue, Swift/iOS, Supabase, PostgreSQL).
Run mk:cso security audit for each detected platform. Check for all blocked patterns defined in rules/security-rules.md:
any type in TypeScript (should use unknown + type guards)
Classify findings by severity:
Generate security report. Write to:
tasks/reviews/YYMMDD-security-report.md
Report includes: per-platform findings, severity per finding, file and line references, remediation guidance.
Print summary. Display findings grouped by severity:
🐱 Security Audit Results:
BLOCK (2): [list]
WARN (3): [list]
PASS (8): [list]
tasks/reviews/YYMMDD-security-report.md
/mk:ship command will execute
npx claudepluginhub ngocsangyem/meowkit --plugin mk
/kasi-security Runs security audit on project codebase: detects stack (PHP/Node/Python/etc.), loads checklist, scans files for SQLi/XSS/CSRF/auth bypass/etc., outputs prioritized findings with confidence labels.
/audit Performs security audit of codebase for dependency vulnerabilities, secrets, OWASP Top 10, input validation, auth issues, and misconfigs. Outputs findings report by severity with fixes and references.
/audit Audits project security: dependencies (npm/pip-audit), secrets (gitleaks), SAST (semgrep), OWASP Top 10; generates SECURITY_AUDIT.md, vulnerabilities.json, remediation-plan.md.
/audit Logs and labels agent interactions (prompts, responses, tool calls) to an append-only JSONL file. Subcommands: record and label.
/audit Audits any web asset across on-page SEO, content quality (CORE-EEAT), technical health, AI visibility/GEO readiness, and domain authority (CITE). Also supports --tech, --visibility, --authority scopes and competitor comparison.
/audit Runs a heavy-weight security and safety audit on Rust projects using os-checker tools. Checks for CVEs, unsafe code issues, undefined behavior, and concurrency bugs. Supports security, safety, concurrency, and full audit modes.