A systematic security auditor that walks through your JavaScript/TypeScript codebase looking for OWASP Top 10 vulnerabilities. It catches the usual suspects like hardcoded secrets, SQL injection risks, missing auth checks, and tokens stored in localStorage. The workflow is smart: it discovers issues, categorizes them by severity, then references specific fix patterns. What I like is the two-mode approach. Ask for an audit and you get a report to review before changing anything. Trigger it during feature work and it fixes vulnerabilities inline without ceremony. The progressive disclosure design keeps context usage low by loading detailed examples only when needed. Solid for pre-deployment checks or whenever you're adding auth, APIs, or file uploads.
npx skills add https://github.com/gohypergiant/agent-skills --skill accelint-security-best-practices