security-audit — Categories.community

v1.0.0

About this Skill

Perfect for Code Review Agents needing comprehensive security audit capabilities against OWASP Top 10 vulnerabilities. Official WM3 landing page, created to consolidate the agency's repositioning in the digital market. It centralizes all links, services, and projects in a single strategic hub, reflecting the brand's new phase and the integration of automation and AI solutions.

duhenri9
Updated: 3/5/2026

Quality Score

Top 5%
54
Excellent
Based on code quality & docs
Installation
> npx killer-skills add duhenri9/wm3_digital

Agent Capability Analysis

The security-audit MCP Server by duhenri9 is an open-source Categories.community integration for Claude and other AI agents, enabling seamless task automation and capability expansion.

Ideal Agent Persona

Perfect for Code Review Agents needing comprehensive security audit capabilities against OWASP Top 10 vulnerabilities.

Core Value

Empowers agents to identify and mitigate security risks through SQL injection protection, secure authentication protocols like bcrypt and argon2, and encrypted data storage with TLS.

Capabilities Granted for security-audit MCP Server

  • Performing security audits on web applications
  • Identifying injection vulnerabilities in SQL queries
  • Enforcing secure authentication and authorization practices

Prerequisites & Limits

  • Requires access to codebase for review
  • Limited to OWASP Top 10 checklist
  • May require additional configuration for custom security protocols

SKILL.md

Security Audit

When to Use

Use this skill when reviewing code for security or performing security audits.

OWASP Top 10 Checklist

1. Injection

  • SQL queries use parameterized statements
  • OS commands avoid user input
  • LDAP queries are sanitized

2. Broken Authentication

  • Passwords hashed with bcrypt/argon2
  • Session tokens are secure random
  • MFA available for sensitive operations

3. Sensitive Data Exposure

  • Data encrypted at rest
  • TLS for data in transit
  • Secrets not in code/logs

4. XML External Entities (XXE)

  • XML parsing disables external entities
  • JSON preferred over XML

5. Broken Access Control

  • Authorization checked on every request
  • Direct object references validated
  • CORS configured correctly

6. Security Misconfiguration

  • Debug mode disabled in production
  • Default credentials changed
  • Security headers set

7. Cross-Site Scripting (XSS)

  • Output encoding applied
  • Content Security Policy set
  • Input validation present

8. Insecure Deserialization

  • User input not deserialized directly
  • Integrity checks on serialized data

9. Using Components with Known Vulnerabilities

  • Dependencies up to date
  • Vulnerability scanning in CI
  • SBOM maintained

10. Insufficient Logging & Monitoring

  • Security events logged
  • Logs don't contain sensitive data
  • Alerting configured

Report Format

```markdown
## Security Audit: [Component]

### Scope
[What was reviewed]

### Findings
| ID | Severity | Issue | Remediation |
|----|----------|-------|-------------|
| S1 | Critical | [Issue] | [Fix] |

### Recommendations
1. [Priority recommendation]
2. [Secondary recommendation]
```
