# Security Audit Skill
## Purpose

Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement.
## When to Trigger

- authentication implementation
- authorization logic
- payment processing
- user data handling
- API endpoint creation
- file upload handling
- database queries
- external API integration
## When to Skip

- read-only operations on public data
- internal development tooling
- static documentation
- styling changes
## Commands

### Full Security Scan

Run a comprehensive security analysis on the codebase:

```bash
npx @claude-flow/cli security scan --depth full
```

Example:

```bash
npx @claude-flow/cli security scan --depth full --output security-report.json
```

### Input Validation Check

Check for input validation issues:

```bash
npx @claude-flow/cli security scan --check input-validation
```

Example:

```bash
npx @claude-flow/cli security scan --check input-validation --path ./src/api
```

### Path Traversal Check

Check for path traversal vulnerabilities:

```bash
npx @claude-flow/cli security scan --check path-traversal
```

### SQL Injection Check

Check for SQL injection vulnerabilities:

```bash
npx @claude-flow/cli security scan --check sql-injection
```

### XSS Check

Check for cross-site scripting vulnerabilities:

```bash
npx @claude-flow/cli security scan --check xss
```

### CVE Scan

Scan dependencies for known CVEs:

```bash
npx @claude-flow/cli security cve --scan
```

Example:

```bash
npx @claude-flow/cli security cve --scan --severity high
```

### Security Audit Report

Generate a full security audit report:

```bash
npx @claude-flow/cli security audit --report
```

Example:

```bash
npx @claude-flow/cli security audit --report --format markdown --output SECURITY.md
```

### Threat Modeling

Run threat modeling analysis:

```bash
npx @claude-flow/cli security threats --analyze
```

### Validate Secrets

Check for hardcoded secrets:

```bash
npx @claude-flow/cli security validate --check secrets
```
## Scripts

| Script | Path | Description |
|---|---|---|
| | | Run full security scan pipeline |
| | | Auto-remediate known CVEs |
## References

| Document | Path | Description |
|---|---|---|
| | | Security review checklist |
| | | OWASP Top 10 mitigation guide |
## Best Practices

- Check memory for existing patterns before starting
- Use hierarchical topology for coordination
- Store successful patterns after completion
- Document any new learnings