Security Review Skill

Identify exploitable security vulnerabilities in code. Report only HIGH CONFIDENCE findings—clear vulnerable patterns with attacker-controlled input.

Scope: Research vs. Reporting

CRITICAL DISTINCTION:

Report on: Only the specific file, diff, or code provided by the user
Research: The ENTIRE codebase to build confidence before reporting

Before flagging any issue, you MUST research the codebase to understand:

Where does this input actually come from? (Trace data flow)
Is there validation/sanitization elsewhere?
How is this configured? (Check settings, config files, middleware)
What framework protections exist?

Do NOT report issues based solely on pattern matching. Investigate first, then report only what you're confident is exploitable.

Confidence Levels

Level	Criteria	Action
HIGH	Vulnerable pattern + attacker-controlled input confirmed	Report with severity
MEDIUM	Vulnerable pattern, input source unclear	Note as "Needs verification"
LOW	Theoretical, best practice, defense-in-depth	Do not report

Do Not Flag

General Rules

Test files (unless explicitly reviewing test security)
Dead code, commented code, documentation strings
Patterns using constants or server-controlled configuration
Code paths that require prior authentication to reach (note the auth requirement instead)

Server-Controlled Values (NOT Attacker-Controlled)

These are configured by operators, not controlled by attackers:

Source	Example	Why It's Safe
Django settings	`settings.API_URL` , `settings.ALLOWED_HOSTS`	Set via config/env at deployment
Environment variables	`os.environ.get('DATABASE_URL')`	Deployment configuration
Config files	`config.yaml` , `app.config['KEY']`	Server-side files
Framework constants	`django.conf.settings.*`	Not user-modifiable
Hardcoded values	`BASE_URL = "https://api.internal"`	Compile-time constants

SSRF Example - NOT a vulnerability:

python

# SAFE: URL comes from Django settings (server-controlled)
response = requests.get(f"{settings.SEER_AUTOFIX_URL}{path}")

SSRF Example - IS a vulnerability:

python

# VULNERABLE: URL comes from request (attacker-controlled)
response = requests.get(request.GET.get('url'))

Framework-Mitigated Patterns

Check language guides before flagging. Common false positives:

Pattern	Why It's Usually Safe
Django `{{ variable }}`	Auto-escaped by default
React `{variable}`	Auto-escaped by default
Vue `{{ variable }}`	Auto-escaped by default
`User.objects.filter(id=input)`	ORM parameterizes queries
`cursor.execute("...%s", (input,))`	Parameterized query
`innerHTML = "<b>Loading...</b>"`	Constant string, no user input

Only flag these when:

Django:

{{ var|safe }}

{% autoescape off %}

mark_safe(user_input)

React:

dangerouslySetInnerHTML={{__html: userInput}}

Vue:
```
v-html="userInput"
```
ORM:
```
.raw()
```
,
```
.extra()
```
,
```
RawSQL()
```
with string interpolation

Review Process

1. Detect Context

What type of code am I reviewing?

Code Type	Load These References
API endpoints, routes	`authorization.md` , `authentication.md` , `injection.md`
Frontend, templates	`xss.md` , `csrf.md`
File handling, uploads	`file-security.md`
Crypto, secrets, tokens	`cryptography.md` , `data-protection.md`
Data serialization	`deserialization.md`
External requests	`ssrf.md`
Business workflows	`business-logic.md`
GraphQL, REST design	`api-security.md`
Config, headers, CORS	`misconfiguration.md`
CI/CD, dependencies	`supply-chain.md`
Error handling	`error-handling.md`
Audit, logging	`logging.md`

2. Load Language Guide

Based on file extension or imports:

Indicators	Guide
`.py` , `django` , `flask` , `fastapi`	`languages/python.md`
`.js` , `.ts` , `express` , `react` , `vue` , `next`	`languages/javascript.md`
`.go` , `go.mod`	`languages/go.md`
`.rs` , `Cargo.toml`	`languages/rust.md`
`.java` , `spring` , `@Controller`	`languages/java.md`

3. Load Infrastructure Guide (if applicable)

File Type	Guide
`Dockerfile` , `.dockerignore`	`infrastructure/docker.md`
K8s manifests, Helm charts	`infrastructure/kubernetes.md`
`.tf` , Terraform	`infrastructure/terraform.md`
GitHub Actions, `.gitlab-ci.yml`	`infrastructure/ci-cd.md`
AWS/GCP/Azure configs, IAM	`infrastructure/cloud.md`

4. Research Before Flagging

For each potential issue, research the codebase to build confidence:

Where does this value actually come from? Trace the data flow.
Is it configured at deployment (settings, env vars) or from user input?
Is there validation, sanitization, or allowlisting elsewhere?
What framework protections apply?

Only report issues where you have HIGH confidence after understanding the broader context.

5. Verify Exploitability

For each potential finding, confirm:

Is the input attacker-controlled?

Attacker-Controlled (Investigate)	Server-Controlled (Usually Safe)
`request.GET` , `request.POST` , `request.args`	`settings.X` , `app.config['X']`
`request.json` , `request.data` , `request.body`	`os.environ.get('X')`
`request.headers` (most headers)	Hardcoded constants
`request.cookies` (unsigned)	Internal service URLs from config
URL path segments: `/users/<id>/`	Database content from admin/system
File uploads (content and names)	Signed session data
Database content from other users	Framework settings
WebSocket messages

Does the framework mitigate this?

Check language guide for auto-escaping, parameterization
Check for middleware/decorators that sanitize

Is there validation upstream?

Input validation before this code
Sanitization libraries (DOMPurify, bleach, etc.)

6. Report HIGH Confidence Only

Skip theoretical issues. Report only what you've confirmed is exploitable after research.

Severity Classification

Severity	Impact	Examples
Critical	Direct exploit, severe impact, no auth required	RCE, SQL injection to data, auth bypass, hardcoded secrets
High	Exploitable with conditions, significant impact	Stored XSS, SSRF to metadata, IDOR to sensitive data
Medium	Specific conditions required, moderate impact	Reflected XSS, CSRF on state-changing actions, path traversal
Low	Defense-in-depth, minimal direct impact	Missing headers, verbose errors, weak algorithms in non-critical context

Quick Patterns Reference

Always Flag (Critical)

eval(user_input)           # Any language
exec(user_input)           # Any language
pickle.loads(user_data)    # Python
yaml.load(user_data)       # Python (not safe_load)
unserialize($user_data)    # PHP
deserialize(user_data)     # Java ObjectInputStream
shell=True + user_input    # Python subprocess
child_process.exec(user)   # Node.js

Always Flag (High)

innerHTML = userInput              # DOM XSS
dangerouslySetInnerHTML={user}     # React XSS
v-html="userInput"                 # Vue XSS
f"SELECT * FROM x WHERE {user}"    # SQL injection
`SELECT * FROM x WHERE ${user}`    # SQL injection
os.system(f"cmd {user_input}")     # Command injection

Always Flag (Secrets)

password = "hardcoded"
api_key = "sk-..."
AWS_SECRET_ACCESS_KEY = "..."
private_key = "-----BEGIN"

Check Context First (MUST Investigate Before Flagging)

# SSRF - ONLY if URL is from user input, NOT from settings/config
requests.get(request.GET['url'])     # FLAG: User-controlled URL
requests.get(settings.API_URL)       # SAFE: Server-controlled config
requests.get(f"{settings.BASE}/{x}") # CHECK: Is 'x' user input?

# Path traversal - ONLY if path is from user input
open(request.GET['file'])            # FLAG: User-controlled path
open(settings.LOG_PATH)              # SAFE: Server-controlled config
open(f"{BASE_DIR}/{filename}")       # CHECK: Is 'filename' user input?

# Open redirect - ONLY if URL is from user input
redirect(request.GET['next'])        # FLAG: User-controlled redirect
redirect(settings.LOGIN_URL)         # SAFE: Server-controlled config

# Weak crypto - ONLY if used for security purposes
hashlib.md5(file_content)            # SAFE: File checksums, caching
hashlib.md5(password)                # FLAG: Password hashing
random.random()                      # SAFE: Non-security uses (UI, sampling)
random.random() for token            # FLAG: Security tokens need secrets module

Output Format

markdown

## Security Review: [File/Component Name]

### Summary
- **Findings**: X (Y Critical, Z High, ...)
- **Risk Level**: Critical/High/Medium/Low
- **Confidence**: High/Mixed

### Findings

#### [VULN-001] [Vulnerability Type] (Severity)
- **Location**: `file.py:123`
- **Confidence**: High
- **Issue**: [What the vulnerability is]
- **Impact**: [What an attacker could do]
- **Evidence**:
  ```python
  [Vulnerable code snippet]

Fix: [How to remediate]

Needs Verification

[VERIFY-001] [Potential Issue]

Location:
```
file.py:456
```
Question: [What needs to be verified]


If no vulnerabilities found, state: "No high-confidence vulnerabilities identified."

---

## Reference Files

### Core Vulnerabilities (`references/`)
| File | Covers |
|------|--------|
| `injection.md` | SQL, NoSQL, OS command, LDAP, template injection |
| `xss.md` | Reflected, stored, DOM-based XSS |
| `authorization.md` | Authorization, IDOR, privilege escalation |
| `authentication.md` | Sessions, credentials, password storage |
| `cryptography.md` | Algorithms, key management, randomness |
| `deserialization.md` | Pickle, YAML, Java, PHP deserialization |
| `file-security.md` | Path traversal, uploads, XXE |
| `ssrf.md` | Server-side request forgery |
| `csrf.md` | Cross-site request forgery |
| `data-protection.md` | Secrets exposure, PII, logging |
| `api-security.md` | REST, GraphQL, mass assignment |
| `business-logic.md` | Race conditions, workflow bypass |
| `modern-threats.md` | Prototype pollution, LLM injection, WebSocket |
| `misconfiguration.md` | Headers, CORS, debug mode, defaults |
| `error-handling.md` | Fail-open, information disclosure |
| `supply-chain.md` | Dependencies, build security |
| `logging.md` | Audit failures, log injection |

### Language Guides (`languages/`)
- `python.md` - Django, Flask, FastAPI patterns
- `javascript.md` - Node, Express, React, Vue, Next.js
- `go.md` - Go-specific security patterns
- `rust.md` - Rust unsafe blocks, FFI security
- `java.md` - Spring, Java EE patterns

### Infrastructure (`infrastructure/`)
- `docker.md` - Container security
- `kubernetes.md` - K8s RBAC, secrets, policies
- `terraform.md` - IaC security
- `ci-cd.md` - Pipeline security
- `cloud.md` - AWS/GCP/Azure security

security-review

NPX Install

Tags

SKILL.md Content