1

    security-audit

    Professional security audit skill for web apps and APIs with structured severity-based findings and remediation plans.

    by Roy Yuen

    0 installs
    1 views

    About This Skill

    What it does

    The Security Audit skill provides a professional-grade framework for reviewing web applications, backend services, and APIs for critical security vulnerabilities. It systematically analyzes entry points, trust boundaries, and data paths to identify risks across authentication, session management, input validation, and infrastructure configuration.

    Why use this skill

    Unlike generic AI prompts that may provide speculative or vague security advice, this skill follows a structured commercial methodology. It focuses on defensible, high-impact risks rather than noise. It automates the "red-teaming" mindset to find insecure defaults and missing hardening steps that developers often overlook during standard code reviews.

    Supported tools

    • Claude Code
    • Codex
    • OpenCode

    What the output looks like

    You receive a structured security report categorized by severity. Each finding includes a concise risk statement, specific evidence from your codebase, and a concrete, actionable remediation plan to fix the vulnerability immediately.

    Key coverage areas

    • Authentication and Authorization flows
    • Input validation and Output safety (XSS/SQLi prevention)
    • Dependency hygiene and configuration hardening
    • API transport security and exposure

    How to Install

    unzip security-audit.zip -d ~/.claude/skills/

    $10

    One-time purchase • Own forever

    Security Scanned

    Passed automated security review

    Permissions

    No special permissions declared or detected

    Tags

    security-audit
    web-security
    penetration-testing
    api-security
    application-security

    Creator

    Roy Yuen

    Roy Yuen

    Frequently Asked Questions

    Learn More About AI Agent Skills

    Similar Skills

    code-reviewer

    Reviews your code for bugs, security vulnerabilities, logic errors, performance issues, and style violations. Organizes findings by severity and suggests fixes with code examples.

    $549 installs

    git-commit-writer

    Writes conventional commit messages by analyzing your staged git changes. Detects commit type, scope, and breaking changes automatically.

    Free25 installs

    readme-generator

    Generates a complete, polished README.md by scanning your actual project structure, dependencies, and code.

    Free23 installs

    pr-description-writer

    Writes clear pull request descriptions by analyzing your branch diff. Covers what changed, why, how, and what to test. Works with GitHub, GitLab, and Bitbucket.

    Free22 installs