Security Audit
Perform comprehensive security audits on codebases by scanning for OWASP Top 10 vulnerabilities, checking dependencies for known CVEs, detecting leaked secrets and API keys, and generating prioritized fix recommendations. This skill combines static analysis patterns with dependency auditing tools.
Overview
The Security Audit skill, hosted in the TerminalSkills/skills repository, provides automated security assessment capabilities for AI agents like Codex and Claude. It facilitates codebase reviews by identifying common security risks aligned with the OWASP Top 10 framework. The tool integrates static analysis patterns to detect vulnerabilities and scans project dependencies against databases of known CVEs. Additionally, it identifies exposed sensitive information such as API keys and secrets within the source code. Upon completion of an audit, the skill generates a list of prioritized recommendations to assist developers in remediating discovered issues. The skill is maintained within a repository that has garnered 72 stars, reflecting its usefulness to developers seeking to integrate security validation into their automated workflows.
Use Cases
Install Notes
# Review source first
open https://github.com/TerminalSkills/skills/blob/main/skills/security-audit/SKILL.md
Copy or clone the skill folder into your agent skills directory after reviewing its instructions and scripts.
Security Notes
This skill performs analysis of codebases and dependencies to identify potential vulnerabilities. Users should ensure the AI agent has appropriate read permissions for the target directory and be aware that automated scans may require manual verification to confirm findings and mitigate false positives.
Related Skills
Agent Sandbox
TerminalSkills/skills
AI agents execute code, modify files, and run shell commands. Without guardrails, a bad prompt or hallucination can delete your database, overwrite production configs, or exfiltrate secrets. This skill builds safety layers — sandboxed execution, filesystem restrictions, network policies, audit trails, and kill switches.
AI Pentesting
TerminalSkills/skills
Use AI agents to autonomously conduct penetration tests on web applications. Combine LLM reasoning with security tools (nmap, subfinder, nuclei, sqlmap, browser automation) to find and prove vulnerabilities with minimal human intervention.
Aceternity UI
TerminalSkills/skills
Aceternity UI is a copy-paste component library — not an npm package. You copy the component code directly into your project, giving you full ownership and customization power. Components are built with Framer Motion and Tailwind CSS.
AI Guardrails
TerminalSkills/skills
Add safety layers to AI applications — input validation, prompt injection detection, output filtering, content moderation, and policy enforcement. Prevent misuse without breaking legitimate use cases.