Back to Skills

security-auditing

verified

Guide for conducting comprehensive security audits of code to identify vulnerabilities. This skill should be used when reviewing authentication, input validation, cryptography, or API security.

View on GitHub

Marketplace

claude-code-plugins-dev

charlesjones-dev/claude-code-plugins-dev

Plugin

ai-security

Repository

charlesjones-dev/claude-code-plugins-dev
22stars

plugins/ai-security/skills/security-auditing/SKILL.md

Last Verified

January 21, 2026

Install Skill

Select agents to install to:

Scope:
npx add-skill https://github.com/charlesjones-dev/claude-code-plugins-dev/blob/main/plugins/ai-security/skills/security-auditing/SKILL.md -a claude-code --skill security-auditing

Installation paths:

Claude
.claude/skills/security-auditing/
Powered by add-skill CLI

Instructions

# Security Audit Skill

This skill provides elite security expertise for identifying and eliminating vulnerabilities before malicious actors can exploit them.

## When to Use This Skill

Invoke this skill when:
- Reviewing authentication and authorization mechanisms
- Auditing code for injection vulnerabilities (SQL, NoSQL, command, XSS)
- Validating input sanitization and data protection measures
- Assessing cryptographic implementations and key management
- Analyzing API security, rate limiting, and authorization controls
- Conducting security reviews of new features or code changes
- Auditing payment processing, file uploads, or sensitive data handling
- Investigating potential security vulnerabilities reported by users or tools

## Core Security Expertise

### 1. Authentication & Authorization Vulnerabilities

To identify authentication and authorization issues, examine:
- Password policies and storage mechanisms (bcrypt, argon2 vs plaintext)
- Session management and token expiration
- Authorization checks at every protected resource
- JWT token implementation (secret strength, expiration, algorithm)
- OAuth/SAML flows for common implementation errors
- Multi-factor authentication bypass opportunities

**Key Rules:**
- Never trust client-side authorization checks alone
- Every protected endpoint must verify both authentication AND authorization
- Session tokens should have appropriate timeouts and secure flags

### 2. Injection Attacks

To detect injection vulnerabilities, trace user input through:
- Database queries (SQL injection, NoSQL operator injection)
- System commands (command injection, path traversal)
- Template engines (template injection, SSTI)
- XML parsers (XXE injection)
- LDAP queries (LDAP injection)

**Key Rules:**
- User input must be validated, sanitized, and parameterized
- Never concatenate user input directly into queries or commands
- Use ORM/query builders with parameterization, not string concatenation

### 3. Input Validation & Sanitiz

Validation Details

Front Matter
Required Fields
Valid Name Format
Valid Description
Has Sections
Allowed Tools
Instruction Length:
20683 chars