What specific security risks does it check for?

It audits for injection (SQL/Command), XSS, broken authentication, IDOR, CSRF, race conditions, and insecure cryptographic implementations.

How does this skill differ from a standard linter?

While linters focus on formatting and syntax, this skill performs deep semantic analysis to find security vulnerabilities, logic errors, and architectural flaws.

Can I use this for pull request reviews?

Yes, it is optimized for PR workflows by automatically comparing your current branch diff against the default branch to identify risks in new changes.

Does it automatically modify my code?

No, it is a reporting tool. It provides detailed findings including severity, evidence, and suggested fixes, allowing you to make the final decision.

Find Bugs & Security Auditor

Name: Find Bugs & Security Auditor
Author: sickn33

bysickn33

•

15,684

•

보안 및 테스팅

Audits local branch changes to identify security vulnerabilities, logical bugs, and critical code quality issues using a rigorous multi-phase verification process.

The Find Bugs skill provides Claude with a systematic framework for reviewing code changes before they are merged. It executes a comprehensive five-phase workflow including attack surface mapping, exhaustive security checklists (OWASP-aligned), and cross-verification of findings against existing tests. By focusing on high-impact vulnerabilities like injection, XSS, and broken access control, this skill helps developers catch critical flaws that standard linters miss, ensuring production-grade security and reliability for every commit.

주요 기능

01Evidence-based reporting that prioritizes critical vulnerabilities over style

02Automated diff analysis comparing local branches to the default branch

03Detailed security checklist covering SQLi, XSS, CSRF, and race conditions

04Pre-conclusion audit phase to ensure full file coverage and verification

05Comprehensive attack surface mapping of user inputs, DB queries, and auth checks

0615,684 GitHub stars

사용 사례

01Performing a pre-commit security audit on a local feature branch

02Reviewing complex pull request changes for hidden logical bugs

03Identifying potential attack vectors in new API endpoints or database interactions

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills find-bugs

For use in Claude.ai and ChatGPT

Download Skill