From codeguard-security
Performs full security code reviews on target repositories using Project CodeGuard core rules and stack-specific OWASP rules, producing markdown reports with prioritized findings, impacts, and remediations.
Trigger: slash command (usable by the user, by Claude, or both)
/codeguard-security:security-review
Summary Claude sees in its skill listing (used to decide when to auto-load this skill):
- Use for a full codebase security review with prioritized findings,
Usage:
$security-review /path/to/repo
If the repo path is missing or unclear, ask the user for it before proceeding.
Load the security knowledge base from Project CodeGuard
First read the Security_Code_Reviewer_Guidelines.md file bundled with
this skill. Use its purpose and rule-loading strategy to guide the review.
Load all core security rules from Project CodeGuard:
https://github.com/cosai-oasis/project-codeguard/tree/main/sources/rules/core
These are mandatory foundational rules that must be loaded for every review.
Load relevant OWASP rules for the detected tech stack from:
https://github.com/cosai-oasis/project-codeguard/tree/main/sources/rules/owasp
Only load OWASP rules that match the target repository's technology stack.
Perform deep code analysis
Produce the report in markdown.
Save it to ./security_report/sec_review_<repo-name>_<YYYY-MM-DD_HH-mm-ss>.md. Derive <repo-name> from the target repository and replace spaces with -. The security_report folder lives in the current working directory.
Install: npx claudepluginhub cosai-oasis/project-codeguard --plugin codeguard-security
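The rule-loading strategy above (core rules always, OWASP rules only for the detected stack) and the report naming scheme can be scripted. The following Python is an added example, not code from the codeguard-security skill or from Project CodeGuard: the stack marker files, the assumption that OWASP rule filenames carry a stack tag such as "python" or "javascript", and the finding dictionary shape are all illustrative assumptions; the `rules_root` is a local clone of the `sources/rules` directory.

```python
"""Added example (not the skill's or Project CodeGuard's own code): select rules
per the review's loading strategy, compute the report path, and render a
prioritized markdown report. Marker files, rule naming and finding fields are
assumptions made for illustration."""
from __future__ import annotations

from datetime import datetime
from pathlib import Path

# Assumed root-level marker files -> stack tag (illustrative, not from the page).
STACK_MARKERS = {
    "package.json": "javascript",
    "requirements.txt": "python",
    "pyproject.toml": "python",
    "go.mod": "go",
    "pom.xml": "java",
    "Gemfile": "ruby",
}

# Order used to prioritize findings in the report.
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def detect_stack(repo: Path) -> set[str]:
    """Return the stack tags whose marker files exist at the repository root."""
    return {tag for marker, tag in STACK_MARKERS.items() if (repo / marker).is_file()}


def select_rules(rules_root: Path, stacks: set[str]) -> list[Path]:
    """Core rules are mandatory and always included; OWASP rules are included
    only when the filename mentions a detected stack tag (assumed convention;
    a plain substring match, so 'java' would also match 'javascript-*')."""
    core = sorted((rules_root / "core").glob("*.md"))
    owasp = [
        p for p in sorted((rules_root / "owasp").glob("*.md"))
        if any(tag in p.stem.lower() for tag in stacks)
    ]
    return core + owasp


def report_path(repo: Path, now: datetime, cwd: Path = Path(".")) -> Path:
    """Build ./security_report/sec_review_<repo-name>_<YYYY-MM-DD_HH-mm-ss>.md,
    replacing spaces in the repository directory name with '-', and make sure
    the security_report folder exists under cwd."""
    name = repo.resolve().name.replace(" ", "-")
    stamp = now.strftime("%Y-%m-%d_%H-%M-%S")
    out_dir = cwd / "security_report"
    out_dir.mkdir(parents=True, exist_ok=True)
    return out_dir / f"sec_review_{name}_{stamp}.md"


def render_report(repo_name: str, rules: list[Path], findings: list[dict]) -> str:
    """Markdown report listing the rules applied and the findings ordered by
    severity, each with location, impact and remediation."""
    lines = [f"# Security review: {repo_name}", "", "## Rules applied", ""]
    lines += [f"- {p.parent.name}/{p.name}" for p in rules]
    lines += ["", "## Findings (prioritized)", ""]
    if not findings:
        lines.append("No findings.")
    for f in sorted(findings, key=lambda f: SEVERITY_ORDER[f["severity"]]):
        lines += [
            f"### [{f['severity'].upper()}] {f['title']}",
            f"- Location: `{f['location']}`",
            f"- Impact: {f['impact']}",
            f"- Remediation: {f['remediation']}",
            "",
        ]
    return "\n".join(lines)


if __name__ == "__main__":
    # Usage sketch: point at a repo and a local clone of sources/rules.
    repo = Path("/path/to/repo")
    rules = select_rules(Path("/path/to/project-codeguard/sources/rules"), detect_stack(repo))
    out = report_path(repo, datetime.now())
    out.write_text(render_report(repo.name, rules, []))
    print(out)
```

The selection keeps the page's split between mandatory core rules and stack-conditional OWASP rules explicit, so a review cannot accidentally skip the core set; the report renderer sorts by severity so the most significant issues appear first.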