Phase 4: Implementation & Verification
What this phase does
Fix the vulnerability. Make the failing test pass. Mark the item done.
Instructions
- Read the failing test from Phase 3.
- Fix the application code to address the vulnerability.
  - Run the test after each change
  - Iterate until it passes
  - Verify no other tests regressed
- Mark done. Update SECURITY_PLAN.md — set this item's status to DONE.
  End-of-skill check: See shared/primitive-updates.md. Signals: architectural constraints, code that must not be refactored.
- Stop. Report what was fixed.
If there are more Pending items in the backlog, loop back to Phase 3: /3-security-spec
Otherwise, the security audit is complete.