codebase-audit

Name: codebase-audit
Rating: 5 (8 reviews)
Author: GoldenWing-360

Audit an inherited or unfamiliar codebase systematically rather than ad-hoc. Covers scope discipline, day-0 triage, SAST and SCA tool recipes (semgrep, CodeQL, gitleaks, trivy), OWASP Top 10 mapped to grep patterns, auth-surface walkthrough, and writing reports that drive remediation. Invoke when inheriting a codebase, accepting an audit engagement, or reviewing AI-generated code before shipping.

8stars

Updated last month

View on GitHub ↗License: MIT

How to add

/plugin marketplace add GoldenWing-360/claude-security-skills

The exact command may vary by repository. Check the README on GitHub.

For the skill author

Drop this on your repo README

Shows your skill is listed on Skillteca, generates a backlink and trackable traffic.

[![Listada na Skillteca](https://www.skillteca.com.br/api/badge/codebase-audit/svg)](https://www.skillteca.com.br/skills/codebase-audit?utm_source=badge&utm_medium=readme&utm_campaign=badge)

#llm #git #ai #api #word

Related skills

See all in Segurança →

security-research

60.3k

Team Mode security research skill orchestrates 3 vulnerability hunters and 2 PoC engineers to audit a codebase in parallel, prove exploitability, classify root causes, and calibrate severity. It is used for security review, vulnerability research, exploitability audit, and threat model validation.

Segurançaby code-yeongyu

security-audit

39.2k

Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening.

Segurança#github#gitby sickn33

security-compliance-compliance-check

39.2k

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform comprehensive compliance audits and provide implementation guidance for achieving and maintaining compliance.

Segurança#github#gitby sickn33

security-auditor

39.2k

Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks.

Segurança#github#gitby sickn33

Category alert

Get new Segurança skills every Monday

One short email with only the new Segurança skills. 4 minutes of reading, no spam, unsubscribe with one click.

You confirm your email on the first send. No spam. Unsubscribe with one click.

Codebase Audit — the Inherited-Code Playbook

This is the skill that binds the others together. Most engagement value from a security review comes from the auditor's process, not from any single check. A junior auditor with a great tool produces a noisy report; a senior auditor with grep and a methodology finds the things that matter.

This skill is the methodology. It walks the audit from "I just got SSH access / a repo URL" through to "here's the prioritized report with owners and dead

[Description truncada. Veja o README completo no GitHub.]

ShareX LinkedIn

Comments · No comments

No comments yet. Be the first.