Tag: security-audit
agent action control and trust enforcement workflows
This tool provides comprehensive action-control workflows for AI agents, enabling evaluation of risky actions via Runtime Gate, managing human approvals, and generating signed receipts. It facilitates agent trust management by checking advi…
Structured Multi-Dimensional Code Review
Performs comprehensive, multi-dimensional code reviews focusing on correctness, security, performance, maintainability, and style. It provides actionable feedback and identifies critical vulnerabilities, performance bottlenecks, and maintai…
Backend Code Quality and Security Review
Automates the review of Python backend code for security vulnerabilities, performance bottlenecks, and architectural best practices. It supports analysing pending changes, code snippets, and specific files within the backend directory.
Code Review Quality Assurance Framework
A structured framework for evaluating code correctness, maintainability, performance, and security. It provides a comprehensive checklist and guidance for delivering actionable feedback.
Backend Code Review and Quality Analysis
This skill analyzes backend code (e.g., Python files in api/) for security vulnerabilities, performance bottlenecks, and adherence to best practices. It supports reviewing staged changes, code snippets, or specific files across multiple def…
Automated AI Code Review Service
An automated service for reviewing code for security vulnerabilities, performance bottlenecks, and quality issues across various programming languages. It returns scored issues and actionable suggestions via a paid API endpoint.
Modern Web Development Best Practices
Provides a comprehensive guide for implementing modern web development standards, covering security, browser compatibility, and performance optimisation.
Automated AI Code Review Agent
An automated agent that performs static analysis on source code across multiple languages to provide structured reports including security concerns and quality scores.
Evidence-backed code quality critique and roast
This tool performs deep, evidence-backed code reviews, identifying antipatterns, security flaws, and structural sins with precise file and line citations. It delivers a structured report detailing the issues and suggesting actionable, sever…
Structured analysis of recent code changes
This skill provides a comprehensive, multi-point review of recent code modifications, offering structured summaries, file breakdowns, and detailed security and risk assessments. It is ideal for ensuring code quality by flagging potential vu…
Agent Tool and Protocol Compliance Reviewer
This skill rigorously audits codebases and agent tools against established protocols, checking for bugs, security vulnerabilities, and adherence to internal conventions. It ensures data integrity and optimizes tool descriptions for reliable…
Smart Contract Forge and Token Intelligence Platform
This platform provides comprehensive, multi-chain intelligence for smart contracts and tokens. It allows developers to generate, audit, fix, and compile contracts, while also fetching deep market and security data for existing tokens.
End-to-End Release Validation and QA
This skill performs comprehensive, adversarial end-to-end testing on a candidate release, deploying it in an isolated environment to validate all critical paths. It systematically checks the UI, API, security headers, and boundary condition…
Comprehensive workflow for complex agent investigations
This skill facilitates complex, multi-stage agent workflows, enabling deep investigations, security audits, and the generation of structured artifacts. It manages everything from initial suggestions and pre-flight checks to session handoffs…
MCP Server Security and Trust Registry
A security registry and assessment suite for auditing MCP servers and skill files. It enables registry lookups, batch risk scoring, and SAST scanning via Semgrep to verify provenance and trust.
SonarCloud Findings Triage and Audit
Automates the triage of SonarCloud findings by searching for issues and security hotspots and applying resolutions such as False Positive or Won't Fix. It supports bulk-marking entire rule families via the SonarCloud Web API.
Automated Codebase Audit and Repair
Performs a comprehensive codebase review to identify security, logic, and quality issues, then automatically creates GitHub issues and submits fixes via isolated git worktrees.
Automated Pull Request Review Skill
Automates the review of GitHub pull requests by evaluating code correctness, security, and architectural integrity, then posting structured inline feedback using the GitHub CLI.
Claude Configuration Security Auditor
Performs a security audit of the .claude/ configuration layer to identify leaked secrets, overly broad permissions, and vulnerable hook scripts. It evaluates MCP server tool exposure and dangerous agent instructions, automatically generatin…
Full System Audit Orchestrator
This orchestrator executes a sequential suite of review skills to perform comprehensive system audits across agents, skills, rules, and documentation. It aggregates findings into a single board parent task and generates a prioritised remedi…
Structured Multi-Dimensional Code Review
Performs structured, multi-dimensional code reviews focusing on correctness, security, performance, and maintainability. It provides actionable feedback, including critical issues, warnings, and suggestions for code improvements.