npx claudepluginhub melodic-software/claude-code-plugins --plugin security
This skill is limited to using the following tools:
Run a comprehensive security audit on specified code to identify vulnerabilities.
/security:audit # Audit current directory
/security:audit src/ # Audit specific directory
/security:audit --staged # Audit staged git changes
/security:audit --pr # Audit changes in current PR
/security:audit api.py utils.js # Audit specific files
Delegate to the security-auditor agent with the following prompt:
If no arguments are provided:
"Perform a security audit on the current working directory. Focus on OWASP Top 10 vulnerabilities, CWE weaknesses, and security anti-patterns. Generate a structured security audit report."
If --staged argument:
"Perform a security audit on staged git changes (git diff --staged). Focus on OWASP Top 10 vulnerabilities, CWE weaknesses, and security anti-patterns in the changed code. Generate a structured security audit report."
If --pr argument:
"Perform a security audit on the current PR changes (git diff main...HEAD). Focus on OWASP Top 10 vulnerabilities, CWE weaknesses, and security anti-patterns in the changed code. Generate a structured security audit report."
If files or a directory are specified:
"Perform a security audit on $ARGUMENTS. Focus on OWASP Top 10 vulnerabilities, CWE weaknesses, and security anti-patterns. Generate a structured security audit report."
The security-auditor agent produces a structured report including: