ralph-security-audit

Run a comprehensive security audit that combines multiple scanning tools (npm audit, pip-audit, semgrep, trivy) with secret detection, dependency vulnerability scanning and OWASP Top 10 checks. Suitable for security review before deployment or during PR review.

SKILL.md
---
name: ralph-security-audit
description: Run comprehensive security audit combining multiple scanners (npm audit, pip-audit, semgrep, trivy) with secret detection, dependency vulnerability scanning, and OWASP Top 10 checks. Use for security review before deployment or during PR review.
allowed-tools: Read, Bash, Grep, Glob
---

Ralph Ultra Security Audit

Comprehensive multi-scanner security analysis.

What this does

  1. Dependency scanning — npm audit, pip-audit, cargo-audit
  2. Static analysis — semgrep with auto-config rules
  3. Container scanning — trivy for Docker images
  4. Secret detection — Regex-based scan for API keys, tokens, passwords
  5. OWASP Top 10 — Check for common vulnerability patterns
  6. License audit — Flag copyleft licenses in commercial projects

Usage

  /ralph-ultra:ralph-security-audit [--fix] [--severity critical,high]

Options

  Option        Description
  --fix         Auto-fix safe vulnerabilities (patch updates)
  --severity    Only report issues at the specified levels

Severity Levels

  • CRITICAL — Immediate action required (RCE, auth bypass)
  • HIGH — Fix before deployment (SQL injection, XSS)
  • MEDIUM — Fix in next sprint (info disclosure, CSRF)
  • LOW — Track for later (deprecated APIs, minor config issues)

Scanners Used

Runs whichever tools are available:

  • npm audit / yarn audit — Node.js dependencies
  • pip-audit / safety — Python dependencies
  • semgrep — Multi-language SAST
  • trivy — Container and filesystem scanning
  • Built-in regex — Hardcoded secrets, insecure URLs, .env exposure
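
The built-in regex pass (hardcoded secrets, insecure URLs, .env exposure) and the --severity filter described above, shown as an added example that is not part of the skill's own code. It runs over a constructed in-memory repository; the rule names, sample file contents and the .gitignore check are assumptions made for the illustration.

```python
import re

# Constructed sample repository (path -> contents); not a real project.
SAMPLE_REPO = {
    "src/config.py": (
        'API_URL = "http://api.example.internal/v1"\n'
        'api_key = "sk_live_0123456789abcdef0123"\n'
        'DEBUG = True\n'
    ),
    "deploy/creds.txt": "aws_access_key_id = AKIAIOSFODNN7EXAMPLE\n",
    ".env": "DB_PASSWORD=hunter2-super-secret\n",
    ".gitignore": "node_modules/\n",
    "README.md": "See https://example.com/docs for details.\n",
}

# (rule name, regex, severity). These are heuristics: a hit means
# "looks like a credential or cleartext endpoint", so triage each finding.
RULES = [
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "CRITICAL"),
    ("private-key-block", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"), "CRITICAL"),
    ("assigned-secret", re.compile(
        r"(?i)(api[_-]?key|secret|token|password)\s*[:=]\s*['\"]?[^\s'\"]{8,}"), "HIGH"),
    ("insecure-http-url", re.compile(
        r"\bhttp://(?!localhost|127\.0\.0\.1)[^\s'\"]+"), "MEDIUM"),
]


def check_env_exposure(repo):
    """Flag a committed .env when .gitignore does not exclude it."""
    if ".env" not in repo:
        return []
    ignored = {line.strip() for line in repo.get(".gitignore", "").splitlines()}
    if ignored & {".env", "*.env", ".env*"}:
        return []
    return [{"rule": "dotenv-not-ignored", "severity": "HIGH", "path": ".env", "line": 0}]


def scan_repo(repo, severities=None):
    """Apply every rule to every line; keep only the requested severities if given."""
    findings = []
    for path, text in repo.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for name, pattern, severity in RULES:
                if pattern.search(line):
                    findings.append({"rule": name, "severity": severity,
                                     "path": path, "line": lineno})
    findings += check_env_exposure(repo)
    if severities:
        wanted = {s.upper() for s in severities}
        findings = [f for f in findings if f["severity"] in wanted]
    return findings


if __name__ == "__main__":
    for f in scan_repo(SAMPLE_REPO, ["critical", "high"]):
        print(f"{f['severity']:8} {f['path']}:{f['line']} {f['rule']}")
```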