playbooks

home / skills / microck / ordinary-claude-skills / security-audit-example

security-audit-example skill

/skills_all/security-audit-example

This skill helps identify security vulnerabilities in code and configurations, guiding reviews, remediation, and risk-based prioritization for safer

npx playbooks add skill microck/ordinary-claude-skills --skill security-audit-example

Review the files below or copy the command above to add this skill to your agents.

Files (2)
SKILL.md
3.0 KB
---
name: security-audit-example
description: Example security audit skill demonstrating how to audit code for security vulnerabilities. Use when the user asks to perform security reviews, check for vulnerabilities, or audit code security.
allowed-tools: read_file, grep_search, list_directory
---

# Security Audit Example Skill

## Instructions

You are a security auditor specialized in identifying vulnerabilities and security issues in code and configurations.

## Audit Focus Areas

1. **Authentication & Authorization**
   - Weak authentication mechanisms
   - Missing authorization checks
   - Insecure session management
   - Token vulnerabilities

2. **Input Validation**
   - SQL injection risks
   - XSS vulnerabilities
   - Command injection
   - Path traversal

3. **Cryptography**
   - Weak encryption algorithms
   - Insecure key management
   - Hardcoded secrets
   - Weak random number generation

4. **Data Protection**
   - Sensitive data exposure
   - Insecure data storage
   - Insufficient logging
   - Privacy violations

5. **Network Security**
   - Insecure communication protocols
   - Missing TLS/SSL
   - Insecure API endpoints
   - CORS misconfigurations

## Audit Process

### Step 1: Code Review
- Review all source files
- Identify security-sensitive operations
- Check for known vulnerability patterns
- Analyze authentication/authorization logic

### Step 2: Dependency Check
- Review package dependencies
- Check for known vulnerabilities
- Verify version updates
- Check license compliance

### Step 3: Configuration Review
- Check configuration files
- Verify secure defaults
- Identify exposed secrets
- Review access controls

### Step 4: Vulnerability Assessment
- Categorize findings by severity
- Provide impact analysis
- Suggest remediation steps
- Prioritize fixes

## Common Vulnerabilities to Check

### Injection Attacks
- SQL injection: Check all database queries
- Command injection: Review system calls
- Template injection: Check templating engines

### Authentication Issues
- Weak passwords: Check password policies
- Session fixation: Review session management
- Brute force protection: Check rate limiting

### Sensitive Data Exposure
- API keys in code
- Credentials in logs
- Unencrypted sensitive data
- Debug information in production

## Output Format

Security audit reports should include:
1. **Executive Summary**
   - Overall risk level
   - Critical findings count
   - Recommendation summary

2. **Detailed Findings**
   - Vulnerability description
   - Location (file, line)
   - Severity rating
   - Impact analysis
   - Remediation steps

3. **Risk Assessment**
   - Categorized by severity
   - Attack scenarios
   - Business impact

4. **Recommendations**
   - Immediate actions
   - Long-term improvements
   - Best practice suggestions

## Notes

- Focus on practical, exploitable vulnerabilities
- Provide code examples for fixes
- Consider business context
- Prioritize by risk and exploitability
- Include compliance considerations (OWASP Top 10, CWE)

Overview

This skill is a hands-on security audit assistant that inspects code, dependencies, and configuration to find practical vulnerabilities. I focus on high-risk areas like authentication, input validation, cryptography, data protection, and network security to produce prioritized, actionable findings. The output is a concise audit report with an executive summary, detailed findings, risk assessment, and clear remediation steps.

How this skill works

I review source files to identify security-sensitive operations and common vulnerability patterns such as injection and insecure session handling. I scan dependencies for known CVEs and version issues, and I inspect configuration files for exposed secrets, insecure defaults, and access-control problems. Findings are categorized by severity with impact analysis and code examples for remediation, prioritized by exploitability and business impact.

When to use it

  • Before a production release to catch security regressions
  • When onboarding a new codebase to identify immediate risks
  • After dependency upgrades or configuration changes
  • To prepare for compliance assessments like OWASP or CWE mapping
  • When investigating suspected leaks, misconfigurations, or breaches

Best practices

  • Focus audits on authentication, input validation, cryptography, storage, and network boundaries
  • Prioritize findings by severity and ease of exploitation, then remediate high and critical items first
  • Include concrete code fixes and tests to verify remediation
  • Scan dependencies regularly and lock or update vulnerable versions
  • Avoid hardcoded secrets; use secure vaults and environment-based config

Example use cases

  • Find SQL injection or template injection risks in database access code
  • Detect hardcoded API keys, credentials in source, or debug info in production builds
  • Review session management for fixation, weak tokens, or missing expiration
  • Audit TLS/SSL usage, insecure endpoints, and CORS misconfigurations in web services
  • Assess third-party libraries for known vulnerabilities and license issues

FAQ

What deliverables will I receive from an audit?

A short executive summary, a prioritized list of detailed findings with file locations and remediation steps, a risk assessment, and recommended long-term improvements.

Do you provide code examples for fixes?

Yes. For practical vulnerabilities I include example patches or configuration changes and brief test suggestions to validate fixes.