Which security standards does CASPER-3 follow?

It primarily follows the OWASP Top 10 framework, covering access control, injection attacks, cryptographic failures, and insecure design, while also checking for AI-specific risks like prompt injection.

Does CASPER-3 require external tools?

Yes, it operates via the Codex-CLI MCP (Model Context Protocol) to leverage specific security-tuned reasoning for its analysis.

What is the CASPER-3 VETO power?

CASPER-3 has the unique ability to 'VETO' a task in the MAGI system. If it identifies a CRITICAL security risk, it can reject the task even if the other two AI engines (Melchior and Balthasar) approve it.

Can CASPER-3 be used for architectural planning?

Absolutely. It provides security-focused feedback on architecture tasks, identifying trust boundaries, authentication flaws, and data flow vulnerabilities before any code is written.

MAGI CASPER-3 Security Analyst

Name: MAGI CASPER-3 Security Analyst
Author: weiting-tw

byweiting-tw

•

Security & Testing

Analyzes codebases for security risks, vulnerabilities, and boundary conditions using a defender-first perspective with critical veto authority.

CASPER-3 is a specialized security-focused engine within the MAGI consensus system, designed to act as the ultimate defender of your codebase. Drawing inspiration from Evangelion's MAGI supercomputer, it leverages Codex-CLI via MCP to perform deep-dive threat modeling, OWASP Top 10 scanning, and AI-specific security audits. Unlike standard linters, CASPER-3 operates with a 'Defender Perspective,' evaluating everything from architectural trust boundaries to potential supply chain attacks. Most importantly, it holds a unique VETO power over the MAGI system's consensus, ensuring that critical security flaws are never overlooked, even if other AI agents approve the task.

Key Features

01Critical security issue VETO authority within the MAGI consensus system

02AI-specific security checks for prompt injection and supply chain risks

03Automated OWASP Top 10 vulnerability scanning and remediation advice

04Comprehensive threat modeling for architectural and planning tasks

052 GitHub stars

06Detailed security reporting with severity levels and CVE references

Use Cases

01Validating Infrastructure as Code (IaC) and container configurations for leaks

02Performing automated security audits on complex pull requests before merging

03Identifying hidden architectural risks and trust boundary issues during design

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add weiting-tw/magi-system casper-3

For use in Claude.ai and ChatGPT