Two agent security workflow that's more focused than general code review. Aegis does the vulnerability scan checking for injection attacks, auth issues, hardcoded secrets, and OWASP Top 10 patterns, then arbiter verifies your fixes and runs security tests. Good for authentication code, payment processing, or before deploying anything that touches user data. The severity tagging (critical/high/medium/low) with file locations makes triage straightforward. Includes dependency scanning and has flags for narrowing scope to just secrets or packages. Honestly feels like what you'd want between regular reviews and a full pentest, especially if you're working solo without a dedicated security person.
npx skills add https://github.com/parcadei/continuous-claude-v3 --skill security