github-code-review-security-agent

Sub-skill of github-code-review: Security Agent (+3).

5 stars

Best use case

github-code-review-security-agent is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Sub-skill of github-code-review: Security Agent (+3).

Teams using github-code-review-security-agent should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/security-agent/SKILL.md --create-dirs "https://raw.githubusercontent.com/vamseeachanta/workspace-hub/main/.agents/skills/_archive/development/github/github-code-review/security-agent/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/security-agent/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How github-code-review-security-agent Compares

Feature / Agentgithub-code-review-security-agentStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Sub-skill of github-code-review: Security Agent (+3).

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

# Security Agent (+3)

## Security Agent


| Check | Description |
|-------|-------------|
| SQL injection | Detect SQL injection vulnerabilities |
| XSS | Cross-site scripting attack vectors |
| Authentication | Auth bypasses and flaws |
| Cryptographic | Weak crypto implementations |
| Secrets | Exposed credentials or API keys |
| CORS | Misconfiguration issues |

## Performance Agent


| Metric | Description |
|--------|-------------|
| Algorithm complexity | Big-O analysis |
| Query efficiency | N+1 queries, slow queries |
| Memory patterns | Allocation and leaks |
| Cache utilization | Caching opportunities |
| Bundle size | Impact on bundle size |

## Style Agent


| Check | Description |
|-------|-------------|
| Code formatting | Consistent formatting |
| Naming conventions | Variable/function naming |
| Documentation | Comment quality |
| Test coverage | Missing tests |
| Error handling | Proper error patterns |

## Architecture Agent


| Pattern | Description |
|---------|-------------|
| SOLID principles | Single responsibility, etc. |
| DRY violations | Code duplication |
| Coupling metrics | Component dependencies |
| Layer violations | Architecture boundaries |
| Circular dependencies | Dependency cycles |

Related Skills

plan-review-prompt-refresh-after-plan-edits

5
from vamseeachanta/workspace-hub

Refresh reviewer prompt files from the latest on-disk plan before every adversarial re-review. Prevents Codex/Gemini from critiquing stale plan text after local edits.

tdd-verification-and-adversarial-review

5
from vamseeachanta/workspace-hub

Verify pre-written TDD tests pass, conduct adversarial code review on committed diffs, and route findings to existing issues

tax-filing-session-setup-with-github-tracking

5
from vamseeachanta/workspace-hub

Structured workflow for preparing and tracking a tax filing session using prepared documents, task checklist, and GitHub issue cross-referencing

tax-filing-session-setup-with-github-traceability

5
from vamseeachanta/workspace-hub

Structured workflow for setting up a multi-file tax filing session with GitHub issue tracking and prepared-file validation

multi-role-agent-contract-review-pipeline

5
from vamseeachanta/workspace-hub

Execute a 4-role agent team (Planner/Architect/Reviewer/Integrator) pipeline for self-reviewing knowledge artifacts before delivery

gsd-adversarial-review-pattern

5
from vamseeachanta/workspace-hub

Catch hidden test failures by running adversarial review on sparse-data edge cases before final push

github-issue-structure-for-personal-finance-tracking

5
from vamseeachanta/workspace-hub

Pattern for organizing financial analysis work across multiple repos (data/config vs. logic separation)

adversarial-code-review-tdd

5
from vamseeachanta/workspace-hub

Systematic adversarial review pattern to identify breaking assumptions in already-passing test suites

adversarial-code-review-for-committed-diffs

5
from vamseeachanta/workspace-hub

Systematic process for reviewing already-committed code changes to catch type inconsistencies, edge cases, and docstring gaps

adversarial-code-review-and-fix

5
from vamseeachanta/workspace-hub

Systematic pattern for catching design flaws in already-passing code through adversarial review, then fixing them with TDD confirmation.

learned-git-worktree-hook-path-and-real-hook-shape-review

5
from vamseeachanta/workspace-hub

Catch hook-installation and governance bugs that only appear in linked git worktrees or against the real generated hook shape, not simplified test fixtures.

ten-agent-pre-plan-review-wave

5
from vamseeachanta/workspace-hub

Launch and verify a 10-agent planning-only wave that moves open GitHub issues into status:plan-review using one isolated worktree per issue, wave-specific continuation cron, and post-run artifact-reconciliation checks.