Detects code risks and security issues during review, risk scanning, or code evaluation. Writes findings to risks.md with impact level and file:line references.
From vibenpx claudepluginhub jwlutz/claude_code_framework
This skill uses the workspace's default tool permissions.
Scan using Grep with these patterns. Tag each finding with impact level and file:line.
Language-agnostic (all projects):
- (api_key|password|secret|token|private_key)\s*=\s*["'][^"']+["']
- .env files committed to git (check .gitignore)

JavaScript/TypeScript:
- eval(), new Function()
- innerHTML, dangerouslySetInnerHTML
- req.params, req.query, req.body
- console.log in production code (not in debug/ or test files)

Python:
- exec(), eval()
- cursor.execute with string formatting (SQL injection)
- except: (swallows all errors)
- print() in production code (not in debug/ or test files)

Write findings to risks.md using sequential IDs (#R1, #R2...). One line per risk, max two lines.
Format: #RN [IMPACT] Description. file:line (found DATE)
Compare against existing risks.md baseline. Report delta: added (list), resolved (list), net change per impact level.
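
A sketch of the scan-and-delta procedure above, added here as an example and not part of the skill itself: it applies a subset of the listed patterns to constructed file contents, formats new findings in the #RN line format, and reports the delta against a constructed risks.md baseline. The impact labels (HIGH, MEDIUM), the rule descriptions, the SQL-formatting regex, and the matching of risks by description plus file:line are assumptions.

```python
import re
from collections import Counter

# (impact, description, regex, file suffixes or None for every file).
# Assumed: the impact labels, the descriptions and the SQL regex.
RULES = [
    ("HIGH", "Hardcoded secret", re.compile(
        r"""(api_key|password|secret|token|private_key)\s*=\s*["'][^"']+["']"""), None),
    ("HIGH", "Dynamic code execution", re.compile(r"\b(eval|exec)\s*\("), (".py", ".js", ".ts")),
    ("HIGH", "SQL built with string formatting", re.compile(
        r"""cursor\.execute\(\s*(f["']|.*["']\s*[%+]|.*\.format\()"""), (".py",)),
    ("MEDIUM", "Bare except swallows all errors", re.compile(r"^\s*except\s*:"), (".py",)),
]
# Parses "#RN [IMPACT] Description. file:line (found DATE)" baseline entries.
RISK_LINE = re.compile(r"^#R(\d+) \[(\w+)\] (.+?\. \S+:\d+) \(found [\d-]+\)$")

def scan(files):
    """Yield (impact, 'Description. file:line') for each rule hit in {path: text}."""
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for impact, desc, rx, suffixes in RULES:
                if (suffixes is None or path.endswith(suffixes)) and rx.search(line):
                    yield impact, f"{desc}. {path}:{lineno}"

def delta(baseline_text, files, today):
    """Return (added lines, resolved lines, net change per impact level)."""
    old = {m[3]: m for m in map(RISK_LINE.match, baseline_text.splitlines()) if m}
    found = {body: impact for impact, body in scan(files)}
    new = [b for b in found if b not in old]
    gone = [m for b, m in old.items() if b not in found]
    first_id = max((int(m[1]) for m in old.values()), default=0) + 1  # keep IDs sequential
    added = [f"#R{i} [{found[b]}] {b} (found {today})" for i, b in enumerate(new, first_id)]
    net = Counter(found[b] for b in new)
    net.subtract(m[2] for m in gone)
    return added, [m[0] for m in gone], dict(net)

# Constructed sample input; db.py line 3 is parameterized and must not be flagged.
FILES = {
    "app/db.py": 'password = "hunter2"\n'
                 'cursor.execute("SELECT * FROM users WHERE id = %s" % uid)\n'
                 'cursor.execute("SELECT * FROM users WHERE id = %s", (uid,))\n',
    "web/view.js": "const out = eval(userInput);\n",
}
BASELINE = ("#R1 [HIGH] Hardcoded secret. app/db.py:1 (found 2024-01-10)\n"
            "#R2 [MEDIUM] Bare except swallows all errors. app/jobs.py:14 (found 2024-01-10)\n")

if __name__ == "__main__":
    added, resolved, net = delta(BASELINE, FILES, "2024-02-01")
    print("added:", *added, "resolved:", *resolved, f"net: {net}", sep="\n")
```

Because risks are matched on description plus file:line, a finding whose line number shifts shows up as one resolved and one added entry.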