
from codex_skill67
Perform security-focused code reviews aligned to OWASP Top 10 and CWE patterns; produces grouped findings, risk summary, and remediation guidance.
A security-oriented review skill that inspects code changes for vulnerabilities mapped to OWASP Top 10 and CWE entries. It runs an adversarial review loop (init, poll, rebut, resume) and outputs structured findings (id, severity, cwe, owasp, evidence, suggested_fix) and a risk-summary to guide remediation.
Use this skill for pull-request or branch reviews when changes touch authentication, crypto, SQL, user input handling, file uploads, or APIs. Also suitable for full-codebase audits or pre-merge security checks.
Designed for Codex-style harnesses and CLI runners that can execute the provided runner commands (Codex/Codex-impl-like agents).
Security-focused code review skill that uses an adversarial debate loop with OWASP Top 10 and CWE alignment. No bundled scripts — relies entirely on an external Codex runner for execution. Well-structured workflow with clear steps, error handling, and cleanup protocols. Requires Codex infrastructure to function, limiting out-of-the-box usability.
Pure instruction skill with no scripts. Adversarial debate model for security review is an interesting approach. The skill is well-documented but entirely dependent on external Codex runner tooling, which limits its portability and standalone value.