security-pr-checklist-skill

Security PR Checklist Skill

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "security-pr-checklist-skill" with this command: npx skills add monkey1sai/openai-cli/monkey1sai-openai-cli-security-pr-checklist-skill

Security PR Checklist Skill

Standardized security review for pull requests.

PR Security Checklist

Security Review Checklist

Authentication & Authorization

  • No hardcoded credentials
  • Authorization checks on all endpoints
  • Session management secure
  • Rate limiting on auth endpoints

Input Validation

  • All inputs validated
  • Output properly encoded
  • No SQL injection risks
  • No XSS vulnerabilities

Data Protection

  • Sensitive data encrypted at rest
  • HTTPS enforced
  • No PII in logs
  • Secure cookie configuration

Dependencies

  • No new high/critical vulnerabilities
  • Dependencies up to date
  • No suspicious packages

Secrets Management

  • No secrets in code
  • Environment variables used
  • .env files in .gitignore

Error Handling

  • No sensitive info in errors
  • Generic error messages
  • Proper logging

Output Checklist

  • PR template created

  • Required security checks

  • Common pitfalls documented

  • Automated checks in CI

  • Review guidelines ENDFILE

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

data-integrity-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
-8
monkey1sai
Security

api-security-hardener

No summary provided by upstream source.

Repository SourceNeeds Review
-8
monkey1sai
Security

auth-security-reviewer

No summary provided by upstream source.

Repository SourceNeeds Review
-8
monkey1sai