Skill

crypto-review

Crypto-misuse review — non-constant-time comparison of secrets (timing side-channels), missing/compiler-elidable zeroization of secrets, and non-cryptographic RNG used to mint secrets. The crypto-reviewer agent confirms each candidate handles a secret and promotes real issues into .kuzushi/findings.json (source "crypto-review"). Distinct from /sast (injection) and /sharp-edges (API design).

npx claudepluginhub allsmog/kuzushi-security-plugin --plugin kuzushi-security-plugin

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/kuzushi-security-plugin:crypto-review

User invocable

Model invocable

Forked subagent

Default effort

Configuration

Agentcrypto-reviewer

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Find the crypto-implementation footguns that look fine but leak or weaken secrets.

SKILL.md

38 lines · ~530 tokens

Similar Skills

uspto-database

208.4k

Searches USPTO patent and trademark records from official APIs including PatentSearch, TSDR, and assignment databases.

ecc

Stats

LanguageJavaScript

Stars0

MaintenanceExcellent

Last CommitMay 28, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

crypto-review

Crypto review

Find the crypto-implementation footguns that look fine but leak or weaken secrets.

Run node "${CLAUDE_PLUGIN_ROOT}/scripts/cmd/crypto-review-prepare.mjs" --target "<repo root>" (optionally --input '{"maxCandidates":30}'). If it reports no-candidates, say so and stop. Read the prep's prepPath.

For each candidate, open the site and first confirm the value is secret-derived, then assess by category: timing-side-channel (variable-time compare of a secret), missing-zeroization (secret not securely wiped / elidable memset), or weak-crypto-rng (non-CSPRNG minting a token/key/nonce). Decide finding / candidate / rejected.

Write the { candidates: [...] } bundle to the prep's draftPath, then run the assembleCommand — it validates verdicts/categories and promotes them into .kuzushi/findings.json (source:"crypto-review").

Report findings by category (file:line, the leak/weakness, and the constant-time / secure-zero / CSPRNG fix to use).

When NOT to use

On code with no cryptographic / secret handling — nothing to review.

For injection or API-design misuse — that's /sast, /taint-analysis, and /sharp-edges.

Rationalizations to Reject

"Just a string compare." → If a side is a secret (MAC/token/hash), a variable-time compare leaks it; confirm secret-derivation before clearing.

"memset wipes it." → A plain memset on a dying buffer is often optimized away; only a secure-zero primitive counts.

"The RNG is random enough." → Math.random/rand() are predictable; for secrets that's a finding.

Crypto review

Find the crypto-implementation footguns that look fine but leak or weaken secrets.

Run node "${CLAUDE_PLUGIN_ROOT}/scripts/cmd/crypto-review-prepare.mjs" --target "<repo root>" (optionally --input '{"maxCandidates":30}'). If it reports no-candidates, say so and stop. Read the prep's prepPath.
For each candidate, open the site and first confirm the value is secret-derived, then assess by category: timing-side-channel (variable-time compare of a secret), missing-zeroization (secret not securely wiped / elidable memset), or weak-crypto-rng (non-CSPRNG minting a token/key/nonce). Decide finding / candidate / rejected.
Write the { candidates: [...] } bundle to the prep's draftPath, then run the assembleCommand — it validates verdicts/categories and promotes them into .kuzushi/findings.json (source:"crypto-review").
Report findings by category (file:line, the leak/weakness, and the constant-time / secure-zero / CSPRNG fix to use).

When NOT to use

On code with no cryptographic / secret handling — nothing to review.
For injection or API-design misuse — that's /sast, /taint-analysis, and /sharp-edges.

Rationalizations to Reject

"Just a string compare." → If a side is a secret (MAC/token/hash), a variable-time compare leaks it; confirm secret-derivation before clearing.
"memset wipes it." → A plain memset on a dying buffer is often optimized away; only a secure-zero primitive counts.
"The RNG is random enough." → Math.random/rand() are predictable; for secrets that's a finding.

crypto-review

Invocation

Configuration

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

crypto-review

Invocation

Configuration

Context Preview

SKILL.md

Crypto review

When NOT to use

Rationalizations to Reject

Similar Skills

Help us improve

Crypto review

When NOT to use

Rationalizations to Reject