Does this skill support blockchain and smart contracts?

Yes, it includes specific checks for Solidity smart contracts, including reentrancy, integer overflow, access control, and front-running vulnerabilities.

How does it handle critical vulnerabilities?

If a critical finding is discovered, the skill invokes a specific 'Critical Vulnerability Response' checklist to ensure immediate and structured remediation steps are documented.

What standards does the audit follow?

The audit is primarily based on the OWASP Top 10 framework, covering access control, cryptographic failures, injection vectors, insecure design, and more.

What is the security-audit skill for Claude Code?

It is a specialized capability that enables Claude to perform deep-dive security reviews, checking your code, dependencies, and infrastructure against the OWASP Top 10 and other security best practices.

Can it detect hardcoded API keys?

Absolutely. The skill includes a secrets scan that greps for API keys, tokens, passwords, and connection strings throughout your repository.

Security Audit & Hardening

Name: Security Audit & Hardening
Author: ArtemioPadilla

byArtemioPadilla

•

보안 및 테스팅

Performs comprehensive security audits of codebases, dependencies, and infrastructure using OWASP standards and architectural reviews.

The security-audit skill provides an automated yet deep-reaching security evaluation for software projects, checking for OWASP Top 10 vulnerabilities, leaked secrets, and insecure dependencies. Designed for use before production releases or after major code changes, it ensures that authentication, authorization, and data protection protocols are robust. Beyond basic scanning, it reviews system architecture for layer separation and integrity, providing a structured report and a dedicated handoff for remediation to ensure your application remains secure and compliant.

주요 기능

01Automated secrets scanning for API keys, tokens, and credentials

02Dependency CVE auditing for npm, pip, and other package managers

033 GitHub stars

04Architectural integrity analysis to prevent auth bypass and logic flaws

05Systematic OWASP Top 10 vulnerability mapping and assessment

06Smart contract security review for Solidity-based blockchain projects

사용 사례

01Pre-release security verification for production-ready codebases

02Auditing third-party dependencies for known vulnerabilities and CVEs

03Validating access control and data encryption after major architectural changes

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add artemiopadilla/agent-triforce security-audit

For use in Claude.ai and ChatGPT

Download Skill