Find Bugs & Security Auditor FAQs

Question 1

How does the find-bugs skill analyze my code?

Accepted Answer

It uses a structured five-phase process: gathering the full git diff, mapping the attack surface, running a security checklist, verifying potential issues against existing context, and providing a prioritized audit report.

Question 2

What security vulnerabilities does it check for?

Accepted Answer

It checks for a wide range of issues including SQL injection, XSS, broken authentication, IDOR, CSRF, race conditions, and insecure cryptographic operations.

Question 3

Does it report on code formatting or style?

Accepted Answer

The skill is configured to skip stylistic and formatting issues, focusing instead on high-priority items like security vulnerabilities and functional bugs.

Question 4

Does this skill automatically fix the bugs it finds?

Accepted Answer

No, this skill is designed to report findings and provide concrete fix suggestions. It avoids making direct changes to ensure the developer maintains control over the implementation.

Question 5

Can it handle large diffs that get truncated in the terminal?

Accepted Answer

Yes, the skill is programmed to detect truncated output and will read each changed file individually to ensure every modified line is reviewed.

Find Bugs & Security Auditor

Key Features

Use Cases

Find Bugs & Security Auditor

Key Features

Use Cases