Can it detect security vulnerabilities?

Yes, it specifically checks for unverified downloads, unsafe temporary file handling, and ensures that secrets like DB passwords are masked in logs.

What is the primary function of hlab-auditor?

It reviews code changes against a specific rulebook (BASELINE.md) to ensure security, architectural compliance, and robustness during the development process.

How does the skill provide feedback?

It generates a structured report with a PASS, FAIL, or PASS_WITH_WARNINGS verdict, listing specific violations and providing code blocks for required fixes.

What architectural rules does it enforce?

It ensures role-specific compliance, such as preventing the 'Executor' from asking user questions and stopping the 'Wizard' from unauthorized package installations.

Horizon Lab Auditor

Name: Horizon Lab Auditor
Author: Hello-Pork-Belly

byHello-Pork-Belly

보안 및 테스팅

Audits code changes for architectural compliance, security risks, and robustness against defined repository baselines.

소개

The hlab-auditor skill serves as an automated gatekeeper for code quality and security within the Horizon Lab ecosystem. It performs rigorous reviews of pull requests to ensure strict adherence to the project's rulebook, checking for architectural integrity, secure handling of secrets and temporary files, and shell script robustness. By providing a clear PASS/FAIL verdict with specific fix suggestions, it streamlines the code review process and prevents common vulnerabilities or architectural drift before they reach production.

주요 기능

Security risk assessment including secret masking and checksum validation
Detailed PASS/FAIL reports with actionable fix suggestions
Robustness verification for shell scripts including environment handling
Automated architecture compliance checks against internal rulebooks
0 GitHub stars
Enforcement of custom repository baseline rules via docs/BASELINE.md

사용 사례

Ensuring shell script reliability and best practices in DevOps pipelines
Pre-merge security and architectural validation of pull requests
Enforcing organizational standards defined in baseline documentation

소개

주요 기능

Security risk assessment including secret masking and checksum validation
Detailed PASS/FAIL reports with actionable fix suggestions
Robustness verification for shell scripts including environment handling
Automated architecture compliance checks against internal rulebooks
0 GitHub stars
Enforcement of custom repository baseline rules via docs/BASELINE.md

사용 사례

Ensuring shell script reliability and best practices in DevOps pipelines
Pre-merge security and architectural validation of pull requests
Enforcing organizational standards defined in baseline documentation