Security PR Checklist Skill

Security PR 审查清单 Skill

Standardized security review for pull requests.

为拉取请求（PR）提供标准化的安全审查流程。

PR Security Checklist

PR 安全审查清单

markdown

undefined

markdown

undefined

Security Review Checklist

Authentication & Authorization

No hardcoded credentials
Authorization checks on all endpoints
Session management secure
Rate limiting on auth endpoints

无硬编码凭证
所有端点均进行授权校验
会话管理安全
认证端点启用速率限制

Input Validation

All inputs validated
Output properly encoded
No SQL injection risks
No XSS vulnerabilities

所有输入均经过校验
输出已正确编码
无SQL注入风险
无XSS漏洞

Data Protection

Sensitive data encrypted at rest
HTTPS enforced
No PII in logs
Secure cookie configuration

敏感数据静态存储时已加密
强制使用HTTPS
日志中不包含个人可识别信息（PII）
Cookie配置安全

Dependencies

No new high/critical vulnerabilities
Dependencies up to date
No suspicious packages

无新增高/严重级漏洞
依赖项已更新至最新版本
无可疑包

Secrets Management

No secrets in code
Environment variables used
.env files in .gitignore

代码中不包含密钥信息
使用环境变量存储敏感信息
.env文件已加入.gitignore

Error Handling

No sensitive info in errors
Generic error messages
Proper logging

undefined

错误信息中不包含敏感内容
使用通用错误提示信息
日志记录规范

undefined

security-pr-checklist-skill

Original

Translation

Security PR Checklist Skill

Security PR 审查清单 Skill

PR Security Checklist

PR 安全审查清单

Security Review Checklist

Security Review Checklist

Authentication & Authorization

Authentication & Authorization

Input Validation

Input Validation

Data Protection

Data Protection

Dependencies

Dependencies

Secrets Management

Secrets Management

Error Handling

Error Handling

Output Checklist

输出清单