
from codex_skill67
Performs security-focused code reviews aligned to the OWASP Top 10 and CWE patterns; produces grouped findings, a risk summary, and remediation guidance.
A security-oriented review skill that inspects code changes for vulnerabilities mapped to OWASP Top 10 categories and CWE entries. It runs an adversarial review loop (init, poll, rebut, resume) and outputs structured findings (id, severity, cwe, owasp, evidence, suggested_fix) plus a risk summary to guide remediation.
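The following is an added example, not code shipped with codex_skill67: a small consumer for the finding schema listed above (id, severity, cwe, owasp, evidence, suggested_fix) that validates each finding, groups valid ones by OWASP category, and derives a risk summary. The severity scale, the weights, the "block on critical/high" merge policy, and the sample findings are all assumptions constructed for illustration; the skill only specifies the field names.

```python
import re
from collections import Counter, defaultdict

# Constructed sample findings in the documented output shape. The values are
# made-up illustrations for this example, not findings from any real codebase.
SAMPLE_FINDINGS = [
    {
        "id": "F-001",
        "severity": "high",
        "cwe": "CWE-89",
        "owasp": "A03:2021",
        "evidence": "db.execute(f\"SELECT * FROM users WHERE name = '{name}'\")",
        "suggested_fix": "Use a parameterised query: db.execute(\"... WHERE name = ?\", (name,))",
    },
    {
        "id": "F-002",
        "severity": "critical",
        "cwe": "CWE-287",
        "owasp": "A07:2021",
        "evidence": "if token == STATIC_TOKEN: session.user = admin",
        "suggested_fix": "Verify a signed, expiring session token instead of a static secret",
    },
    {
        "id": "F-003",
        "severity": "medium",
        "cwe": "CWE-327",
        "owasp": "A02:2021",
        "evidence": "hashlib.md5(password.encode()).hexdigest()",
        "suggested_fix": "Hash passwords with a slow KDF (argon2id, scrypt or bcrypt)",
    },
    {
        "id": "F-004",
        "severity": "low",
        "cwe": "CWE-209",
        "owasp": "A05:2021",
        "evidence": "return jsonify(error=str(exc), trace=traceback.format_exc())",
        "suggested_fix": "Log the traceback server-side and return a generic error to the client",
    },
]

REQUIRED_FIELDS = ("id", "severity", "cwe", "owasp", "evidence", "suggested_fix")
# Assumed severity scale and weights; the skill only says a finding has a "severity" field.
SEVERITY_WEIGHT = {"critical": 10, "high": 7, "medium": 4, "low": 1, "info": 0}
CWE_RE = re.compile(r"^CWE-\d+$")
OWASP_RE = re.compile(r"^A(0[1-9]|10):2021$")  # OWASP Top 10 2021 category ids


def validate_finding(finding):
    """Return a list of schema problems for one finding (empty if clean).

    A harness should reject malformed findings rather than silently dropping
    fields: without a valid cwe/owasp mapping or a known severity, a finding
    cannot be grouped or prioritised reliably.
    """
    problems = []
    for field in REQUIRED_FIELDS:
        if not finding.get(field):
            problems.append(f"missing {field}")
    if finding.get("severity") not in SEVERITY_WEIGHT:
        problems.append(f"unknown severity {finding.get('severity')!r}")
    if not CWE_RE.match(str(finding.get("cwe", ""))):
        problems.append(f"malformed cwe {finding.get('cwe')!r}")
    if not OWASP_RE.match(str(finding.get("owasp", ""))):
        problems.append(f"malformed owasp {finding.get('owasp')!r}")
    return problems


def group_findings(findings):
    """Group valid findings by OWASP category, highest severity first."""
    grouped = defaultdict(list)
    for f in findings:
        if not validate_finding(f):
            grouped[f["owasp"]].append(f)
    for cat in grouped:
        grouped[cat].sort(key=lambda f: SEVERITY_WEIGHT[f["severity"]], reverse=True)
    return dict(grouped)


def risk_summary(findings):
    """Risk summary: counts per severity, a weighted score, and a merge
    recommendation. Blocking on any critical/high finding is an assumed policy."""
    valid = [f for f in findings if not validate_finding(f)]
    counts = Counter(f["severity"] for f in valid)
    score = sum(SEVERITY_WEIGHT[f["severity"]] for f in valid)
    blocking = [f["id"] for f in valid if f["severity"] in ("critical", "high")]
    return {
        "total": len(valid),
        "invalid": len(findings) - len(valid),
        "by_severity": dict(counts),
        "score": score,
        "blocking_ids": blocking,
        "merge_recommendation": "block" if blocking else "allow",
    }


if __name__ == "__main__":
    import json
    print(json.dumps(group_findings(SAMPLE_FINDINGS), indent=2))
    print(json.dumps(risk_summary(SAMPLE_FINDINGS), indent=2))
```

The validator is strict on purpose: a reviewer loop that emits a finding with an empty `evidence` or a non-standard `owasp` id has produced something a human cannot triage, so the harness should surface the schema error instead of counting the finding as "low".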
Use this skill for pull-request or branch reviews when changes touch authentication, cryptography, SQL, user-input handling, file uploads, or APIs. It is also suitable for full-codebase audits or pre-merge security checks.
Designed for Codex-style harnesses and CLI runners that can execute the provided runner commands (Codex/Codex-impl-like agents).
This skill has not been reviewed by our automated audit pipeline yet.