This skill runs a thorough security audit across your codebase, checking for exposed secrets in files and git history, injection vulnerabilities (SQL, NoSQL, command, XSS, path traversal), authentication and authorization flaws like IDOR, data exposure in API responses, missing input validation, and vulnerable dependencies. It uses grep and bash commands to scan for hardcoded credentials, then walks through code patterns looking for common mistakes like string concatenation in queries or missing ownership checks on resources. The checklist is comprehensive enough that you'll probably find something even in codebases you thought were clean. Good for pre-deployment reviews, or when you inherit a project and need to know what you're dealing with.
npx skills add https://github.com/aakash-dhar/claude-skills --skill security-audit