@github/security-review

AI-powered codebase security scanner that reasons about code like a security researcher — tracing data flows, understanding component interactions, and catching vulnerabilities that pattern-matching tools miss. Use this skill when asked to scan code for security vulnerabilities, find bugs, check for SQL injection, XSS, command injection, exposed API keys, hardcoded secrets, insecure dependencies, access control issues, or any request like "is my code secure?", "review for security issues", "audit this codebase", or "check for vulnerabilities". Covers injection flaws, authentication and access control bugs, secrets exposure, weak cryptography, insecure dependencies, and business logic issues across JavaScript, TypeScript, Python, Java, PHP, Go, Ruby, and Rust.

View in AI SkillSafe app
5 scan findings
0 downloads
0 stars
0 demos
SKILL.md

Embed badges

Add these to your README to show the skill's verification status.

SkillSafe verified badge
Verified badge
[![SkillSafe verified badge](https://api.skillsafe.ai/v1/badge/@github/security-review/verified)](https://skillsafe.ai/skill/@github/security-review/)
Installs badge
Installs badge
[![Installs badge](https://api.skillsafe.ai/v1/badge/@github/security-review/installs)](https://skillsafe.ai/skill/@github/security-review/)
Scan badge
Scan badge
[![Scan badge](https://api.skillsafe.ai/v1/badge/@github/security-review/scan)](https://skillsafe.ai/skill/@github/security-review/)
Eval pass rate badge
Eval pass rate
[![Eval pass rate badge](https://api.skillsafe.ai/v1/badge/@github/security-review/eval)](https://skillsafe.ai/skill/@github/security-review/)