Agent Skill
2/7/2026
security-audit
Includes sub-skills for OWASP Top 10 checks and ethical hacking heuristics.
xingxerx
npx skills add xingxerx/TurboNet
SKILL.md
| Name | security-audit |
| Description | Includes sub-skills for OWASP Top 10 checks and ethical hacking heuristics. |
Security Audit Skill
This skill allows the agent to perform basic security auditing and vulnerability scanning on the codebase.
OWASP Top 10 Checklist
When auditing, check for:
- Injection: SQLi, NoSQLi, Command Injection (look for concatenated strings in queries).
- Broken Auth: Weak passwords, missing tokens, exposed session IDs.
- Sensitive Data Exposure: Keys in code, PII logging, weak crypto.
- XXE: XML External Entities.
- Broken Access Control: IDOR, missing role checks.
Heuristics
- "Never trust user input."
- "Sanitize early, escape late."
- "Least Privilege principle."
Action
- If you find a vulnerability, flag it with [SECURITY CRITICAL].
- Suggest a remediation (e.g., "Use parameterized queries").
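The injection check and the Action steps above, sketched as an added example that is not part of the skill or its repository: a Python `ast` pass that finds query calls fed a concatenated or formatted string, flags them with [SECURITY CRITICAL] and attaches the suggested remediation. The function names, the choice of `execute`/`executemany` as sinks, and the sample source are assumptions made for illustration.

```python
import ast

TAG = "[SECURITY CRITICAL]"          # flag text from the skill's Action section
FIX = "Use parameterized queries"    # remediation wording from the skill
SINKS = {"execute", "executemany"}   # assumption: DB-API style cursor methods

def _literal(n):  # a constant, or a +/% expression made only of constants
    return isinstance(n, ast.Constant) or (
        isinstance(n, ast.BinOp) and _literal(n.left) and _literal(n.right))

def _dynamic(n, tainted):
    """True if n is a string assembled from non-literal parts."""
    if isinstance(n, ast.Name):
        return n.id in tainted
    if isinstance(n, ast.JoinedStr):                      # f"... {x}"
        return any(isinstance(v, ast.FormattedValue) for v in n.values)
    if isinstance(n, ast.BinOp) and isinstance(n.op, (ast.Add, ast.Mod)):
        return not _literal(n)                            # "..." + x, "..." % x
    if isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute):
        return n.func.attr == "format" and bool(n.args or n.keywords)
    return False

def audit(source):
    """Return [(line, message)] for query calls fed a dynamically built string."""
    tree = ast.parse(source)
    tainted = set()
    for node in ast.walk(tree):       # pass 1: variables holding built strings
        if isinstance(node, ast.Assign) and _dynamic(node.value, tainted):
            tainted.update(t.id for t in node.targets if isinstance(t, ast.Name))
    findings = []
    for node in ast.walk(tree):       # pass 2: sinks receiving such a string
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in SINKS and node.args
                and _dynamic(node.args[0], tainted)):
            findings.append((node.lineno,
                f"{TAG} line {node.lineno}: query passed to {node.func.attr}() "
                f"is built by string concatenation or formatting. {FIX}."))
    return sorted(findings)

# Constructed sample input (not taken from any real codebase).
SAMPLE = '''\
def find_user(cur, name, uid):
    cur.execute("SELECT * FROM users WHERE name = '" + name + "'")
    q = f"SELECT * FROM users WHERE id = {uid}"
    cur.execute(q)
    cur.execute("SELECT * FROM users WHERE id = %s" % uid)
    cur.execute("SELECT * FROM users WHERE id = ?", (uid,))
    cur.execute("SELECT 1 " + "FROM dual")
'''
```

`audit(SAMPLE)` reports lines 2, 4 and 5; the parameterized call on line 6 and the all-literal concatenation on line 7 are left alone. The variable tracking is a name-based approximation, so findings still need review.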
Skills Info
Original Name: security-audit
Author: xingxerx