Loading...
Loading...
Performs a comprehensive security review of code changes in a GitHub PR or issue. Checks out the branch, analyzes changed files against a 9-category security checklist, and produces PASS/WARNING/FAIL verdicts. Use when reviewing pull requests for security vulnerabilities, hardcoded secrets, injection flaws, auth bypasses, or insecure configurations. Trigger keywords - security review, code review, appsec, vulnerability assessment, security audit, review PR security.
npx skill4agent add nvidia/skills nemoclaw-maintainer-security-code-reviewghgithttps://github.com/OWNER/REPO/pull/NUMBERhttps://github.com/OWNER/REPO/issues/NUMBERgh repo view --json nameWithOwner -q .nameWithOwnergh pr checkout <number>TMPDIR=$(mktemp -d)
gh repo clone OWNER/REPO "$TMPDIR"
cd "$TMPDIR"
gh pr checkout <number>git diff main...HEAD --name-statusmaingh pr view <number> --json baseRefName -q .baseRefNamegit diff main...HEAD -- <file>.envpickle.loadsyaml.unsafe_loadevalnew Function| # | Category | Severity | File:Line | Description | Recommendation |
|---|