How does it handle large git diffs?

The skill includes a dedicated input gathering phase that reads individual files if the standard git diff output is truncated, ensuring no changes are missed.

What security standards does the audit follow?

The audit is based on industry standards like OWASP, checking for injection, XSS, broken access control, IDOR, CSRF, and insecure cryptographic practices.

Does this skill check for stylistic or formatting issues?

No, this skill is specifically designed to skip stylistic and formatting issues to focus entirely on security vulnerabilities, logic bugs, and architectural code quality.

Will this skill automatically change my code?

No, this skill is designed for reporting only. It provides detailed findings and fix suggestions, but leaves the final implementation decisions to the developer.

Bug Finder & Security Auditor

Name: Bug Finder & Security Auditor
Author: Nakshatra3108

byNakshatra3108

0•

Security & Testing

Performs deep security audits and bug detection on local branch changes using a rigorous five-phase analysis process.

The Bug Finder & Security Auditor skill transforms Claude into a specialized security researcher for your codebase. It follows a structured methodology that begins with comprehensive input gathering and attack surface mapping, followed by a rigorous checklist covering OWASP-top vulnerabilities like injection, XSS, and authorization flaws. By prioritizing critical security vulnerabilities and logical bugs over stylistic formatting, this skill provides actionable, evidence-based reports that help developers catch high-impact issues before they reach production.

Key Features

01Full-diff analysis with support for truncated output handling

02Contextual verification to reduce false positives in bug reporting

03Prioritized output focusing on security and high-severity logic bugs

040 GitHub stars

05Automated attack surface mapping of user inputs and external calls

06Comprehensive security checklist covering injection, CSRF, and race conditions

Use Cases

01Identifying business logic edge cases and potential race conditions

02Auditing authentication and authorization logic changes

03Conducting pre-merge security reviews on feature branches

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add nakshatra3108/the-battalion find-bugs

For use in Claude.ai and ChatGPT

Key Features

01Full-diff analysis with support for truncated output handling

02Contextual verification to reduce false positives in bug reporting

03Prioritized output focusing on security and high-severity logic bugs

040 GitHub stars

05Automated attack surface mapping of user inputs and external calls

06Comprehensive security checklist covering injection, CSRF, and race conditions

Use Cases

01Identifying business logic edge cases and potential race conditions

02Auditing authentication and authorization logic changes

03Conducting pre-merge security reviews on feature branches

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add nakshatra3108/the-battalion find-bugs

For use in Claude.ai and ChatGPT