Security Audit Command
Comprehensive security review based on the OWASP Top 10 checklist. Scans your codebase for injection vulnerabilities, broken authentication, sensitive data exposure, XSS, CSRF, and misconfigurations. Generates a prioritized remediation plan.
Command
/security-audit
Description
Performs a security-focused code review using the OWASP Top 10 (2021) as a framework. Scans source code, configuration files, and dependencies for common vulnerabilities. Produces a risk-rated report with specific code locations and remediation steps.
Behavior
Arguments
`$ARGUMENTS` -- Optional path to limit scope (e.g., `src/api/`). Defaults to the entire project.
OWASP Top 10 Checks
- A01: Broken Access Control
  - Missing authentication on protected routes
  - Missing authorization checks (IDOR vulnerabilities)
  - Directory traversal in file operations
  - CORS misconfiguration
- A02: Cryptographic Failures
  - Hardcoded secrets and API keys
  - Weak hashing algorithms (MD5, SHA1 for passwords)
  - Missing encryption for sensitive data at rest/transit
  - Insecure random number generation
- A03: Injection
  - SQL injection (string concatenation in queries)
  - NoSQL injection (unsanitized MongoDB queries)
  - Command injection (user input in exec/spawn)
  - LDAP/XPath injection
- A04: Insecure Design
  - Missing rate limiting on sensitive endpoints
  - No account lockout mechanism
  - Missing CSRF protection
  - Insufficient input validation
- A05: Security Misconfiguration
  - Debug mode enabled in production configs
  - Default credentials in configuration
  - Verbose error messages exposing internals
  - Missing security headers
- A06: Vulnerable Components
  ```bash
  # Check npm dependencies
  npm audit --json 2>/dev/null
  # Check Python dependencies
  pip-audit --format=json 2>/dev/null
  ```
- A07: Authentication Failures
  - Weak password policies
  - Missing MFA support
  - Session fixation vulnerabilities
  - Insecure session storage
- A08: Data Integrity Failures
  - Missing input validation on deserialization
  - Unsigned updates or deployments
  - Unverified data from external sources
- A09: Logging Failures
  - Sensitive data in logs (passwords, tokens, PII)
  - Missing audit logging for security events
  - No alerting on suspicious activity
- A10: SSRF
  - User-controlled URLs in server-side requests
  - Missing URL allowlist validation
  - Internal service discovery via redirects
Output Format
```markdown
## Security Audit Report

**Scope**: src/ (234 files scanned)
**Date**: 2025-03-25

### Summary

| Severity | Count |
|----------|-------|
| Critical | 1 |
| High | 3 |
| Medium | 5 |
| Low | 8 |

### Findings

#### CRITICAL: SQL Injection in User Lookup
- **OWASP**: A03 Injection
- **File**: src/db/users.ts:42
- **Code**: `` `SELECT * FROM users WHERE email = '${email}'` ``
- **Fix**: Use parameterized query: `db.query('SELECT * FROM users WHERE email = $1', [email])`

#### HIGH: Hardcoded JWT Secret
- **OWASP**: A02 Cryptographic Failures
- **File**: src/config.ts:8
- **Code**: `const JWT_SECRET = 'my-secret-key-123'`
- **Fix**: `const JWT_SECRET = process.env.JWT_SECRET`

...

### Remediation Priority
1. Fix SQL injection immediately (Critical)
2. Move all secrets to environment variables (High)
3. Add rate limiting to auth endpoints (High)
4. Enable CSRF protection (Medium)
```
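Added example, not part of this template: a minimal Python scanner that implements two of the checks listed above (A03 SQL built from interpolated input, A02 hardcoded secrets) over constructed TypeScript snippets and renders the findings in the report format shown. The regexes, severities and sample files are assumptions; matches are candidates for a reviewer, not confirmed vulnerabilities.

```python
import re
from collections import Counter

# Heuristic checks: (OWASP category, severity, title, pattern, suggested fix).
CHECKS = [
    ("A03 Injection", "CRITICAL", "SQL built from interpolated input",
     re.compile(r"""(SELECT|INSERT|UPDATE|DELETE)\b[^\n]*(\$\{|['"]\s*\+)""", re.I),
     "Use a parameterized query, e.g. db.query('... WHERE email = $1', [email])"),
    ("A02 Cryptographic Failures", "HIGH", "Hardcoded secret",
     re.compile(r"""(SECRET|API_KEY|PASSWORD|TOKEN)\w*\s*=\s*['"][^'"]{8,}['"]""", re.I),
     "Load it from the environment, e.g. process.env.JWT_SECRET"),
]
SEVERITY_ORDER = ["CRITICAL", "HIGH", "MEDIUM", "LOW"]

# Constructed sample files (assumed layout, mirrors the report above).
SAMPLE_FILES = {
    "src/db/users.ts": "export function findUser(email: string) {\n"
                       "  return db.query(`SELECT * FROM users WHERE email = '${email}'`);\n}\n",
    "src/config.ts": "export const JWT_SECRET = 'my-secret-key-123';\nexport const PORT = 3000;\n",
    "src/db/safe.ts": "export const byEmail = (e: string) => "
                      "db.query('SELECT * FROM users WHERE email = $1', [e]);\n",
}

def scan_file(path, text):
    """Return one finding per matching line, carrying the fields the report prints."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for owasp, severity, title, pattern, fix in CHECKS:
            if pattern.search(line):
                findings.append({"severity": severity, "title": title, "owasp": owasp,
                                 "file": f"{path}:{lineno}", "code": line.strip(), "fix": fix})
    return findings

def audit(files):
    """Scan every file and order findings by severity (most severe first)."""
    found = [f for path, text in files.items() for f in scan_file(path, text)]
    return sorted(found, key=lambda f: SEVERITY_ORDER.index(f["severity"]))

def render_report(findings, scope="src/"):
    """Render the markdown report: summary table, then one block per finding."""
    counts = Counter(f["severity"] for f in findings)
    lines = ["## Security Audit Report", f"**Scope**: {scope}", "", "### Summary",
             "| Severity | Count |", "|----------|-------|"]
    lines += [f"| {s.title()} | {counts.get(s, 0)} |" for s in SEVERITY_ORDER]
    lines.append("### Findings")
    for f in findings:
        lines += [f"#### {f['severity']}: {f['title']}", f"- **OWASP**: {f['owasp']}",
                  f"- **File**: {f['file']}", f"- **Code**: `{f['code']}`", f"- **Fix**: {f['fix']}"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(render_report(audit(SAMPLE_FILES)))
```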
Examples
```bash
# Full project audit
/security-audit

# Audit specific directory
/security-audit src/api/

# Audit with dependency check
/security-audit --include-deps
```