Stats
Actions
Tags
From pda
Analyzes code for security vulnerabilities including OWASP Top 10, injection, auth flaws, secrets exposure, and crypto misuse. Use when performing a security review, security audit, or as part of code-review.
How this skill is triggered — by the user, by Claude, or both
Slash command
/pda:reviewing-securityThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Analyze code changes for security vulnerabilities.
Analyze code changes for security vulnerabilities.
git diff for PR/branchMath.random() for securityPer finding: Severity (CRITICAL/HIGH/MEDIUM/LOW/INFO), Confidence (HIGH/MEDIUM/LOW), CWE if applicable.
### [SEVERITY] Title
- **File**: `path:line`
- **CWE**: CWE-XXX
- **Confidence**: HIGH/MEDIUM/LOW
- **Description**: issue and impact
- **Vulnerable code**: snippet
- **Recommendation**: fix approach
- **Fixed code**: corrected snippet (if straightforward)
End with severity counts table and overall assessment: PASS (no HIGH/CRITICAL), WARN (has MEDIUM), FAIL (has HIGH/CRITICAL).
Provides behavioral guidelines to reduce common LLM coding mistakes, focusing on simplicity, surgical changes, assumption surfacing, and verifiable success criteria.
Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.
Creates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.
npx claudepluginhub spaghetti-lover/pda-plugins