AgentSkillsCN

Security Audit Lens

Evaluate features and changes against security guardrails.

SKILL.md
--- frontmatter
name: "Security Audit Lens"
description: "Evaluate features and changes against security guardrails."
tags:
  - security
  - compliance

Checklist

  • Classify data sensitivity, trust boundaries, and threat actors.
  • Review authN/authZ flows, secrets management, and logging coverage.
  • Inspect dependency and infrastructure changes for privilege escalation.
  • Ensure mitigations include monitoring, alerting, and incident playbooks.
  • Capture residual risk, owner, and follow-up cadence.

Prompts

  • "What compensating controls do we need before shipping?"
  • "Summarize the highest-severity risk and a remediation timeline."

Resources

  • Threat modeling worksheet.
  • Company secure coding standards.