From utopia-funds-dd
Audits repository security — hardcoded secrets, dependency vulnerabilities, environment variable management, and authentication patterns. Use when the user asks to "check security", "find secrets", "audit dependencies", or "secure my repo". Don't use for code review, deployment, or monitoring.
Slash command
/utopia-funds-dd:security-auditor
Finds and fixes common security issues in repositories built by solo founders and small teams.
```bash
# Check for common secret patterns
grep -rn --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" --include="*.py" --include="*.env" \
  -E "(sk-[a-zA-Z0-9]{20,}|api_key\s*=\s*['\"][^'\"]+|password\s*=\s*['\"][^'\"]+|secret\s*=\s*['\"][^'\"]+|AWS_ACCESS_KEY|PRIVATE_KEY)" . \
  | grep -v node_modules | grep -v '.env.example' | head -30
```
If matches are found, flag them as critical and recommend moving the values to environment variables.
- .env should be in .gitignore (if not: critical)
- .env.example should exist listing all required variables
- .env files committed to git history
- process.env. or os.environ usage without defaults

For Node.js:
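```bash
# npm audit exits non-zero when it reports vulnerabilities, so test for npm itself rather than using "|| echo".
if command -v npm >/dev/null 2>&1; then npm audit --production 2>/dev/null; else echo "npm audit not available"; fi
```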
For Python:
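```bash
# pip-audit exits non-zero when it reports vulnerabilities, so test for the tool rather than using "|| echo".
if command -v pip-audit >/dev/null 2>&1; then pip-audit 2>/dev/null; else echo "pip-audit not available"; fi
```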
Flag: critical and high severity vulnerabilities.
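The environment-file checks listed above (ignore status, .env.example coverage, .env files in git history), as an added shell example that is not part of the skill itself. The function name `env_hygiene_check` and the wording of its findings are assumptions made for illustration.

```shell
# Added example (not from the skill): .env hygiene checks for one git repository.
# Prints "<severity>: <finding>" lines; returns 1 if any finding is critical.
# Usage: env_hygiene_check /path/to/repo
env_hygiene_check() (
  cd "${1:-.}" || exit 2
  crit=0

  # 1. .env must be ignored. check-ignore honours nested .gitignore files and
  #    .git/info/exclude, and reports an already tracked .env as not ignored.
  if ! git check-ignore -q .env; then
    echo "critical: .env is not ignored by git"
    crit=1
  fi

  # 2. .env.example should exist and name every variable the local .env sets.
  if [ ! -f .env.example ]; then
    echo "warning: .env.example is missing"
  elif [ -f .env ]; then
    for key in $(sed -n 's/^\([A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p' .env); do
      grep -q "^$key=" .env.example ||
        echo "warning: $key is set in .env but not listed in .env.example"
    done
  fi

  # 3. A .env-style file added on any ref stays retrievable from history even
  #    if it was deleted or ignored later. Only paths are printed, never values.
  leaked=$(git log --all --diff-filter=A --name-only --pretty=format: |
    grep -E '(^|/)[^/]*\.env(\.[^/]+)?$' | grep -v '\.env\.example$' | sort -u)
  if [ -n "$leaked" ]; then
    echo "$leaked" | sed 's/^/critical: committed to git history: /'
    crit=1
  fi

  [ "$crit" -eq 0 ]
)
```

Findings map onto the report format's Critical Issues and Warnings sections; the non-zero return makes the function usable as a CI gate.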
* in production? (flag as warning)

## 🔒 Security Audit
### Critical Issues
- {issue}: {location} — {fix}
### Warnings
- {issue}: {location} — {recommendation}
### Good Practices Found
- {practice already in place}
.env + .env.example pattern

2 plugins reuse this skill
First indexed Apr 22, 2026
npx claudepluginhub the-utopia-studio/skills --plugin utopia-funds-dd