security-review
Use this skill to review or implement security-sensitive changes.
Review Areas
- Signature generation and verification (`internal/crypto/*`).
- Artifact integrity and hashing (`internal/util/hash.go`, packaging/install paths).
- Policy enforcement correctness (`internal/policy/*`).
- Scan coverage and false-negative risks (`cmd/agentsec/scan.go`).
- Install-time trust assumptions (`cmd/agentsec/install.go`).
Workflow
- Identify the threat class affected (tampering, exfiltration, privilege expansion, update compromise).
- Trace control points in code and confirm enforcement is real, not advisory.
- Check that default behavior is secure-by-default.
- Validate that error handling fails closed for verification/policy checks.
- Run:
  - `make build`
  - `go test ./...`
- Summarize residual risks and follow-up hardening tasks.
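The difference between advisory and fail-closed verification that the workflow asks reviewers to check, as an added Go example that is not taken from the agentsec code base. All names here (`verifyFailOpen`, `verifyFailClosed`, `ErrUnverified`, `demoSigned`) are hypothetical, and Ed25519 with hex-encoded signatures is an assumption about the signature format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/hex"
	"errors"
	"fmt"
)

// ErrUnverified wraps every reason an artifact was not positively verified.
var ErrUnverified = errors.New("artifact not verified")

// verifyFailOpen is the anti-pattern: a missing or malformed signature skips the check.
func verifyFailOpen(pub ed25519.PublicKey, artifact []byte, sigHex string) bool {
	sig, err := hex.DecodeString(sigHex)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return true // fail-open: treated as "nothing to check", enforcement is advisory
	}
	return ed25519.Verify(pub, artifact, sig)
}

// verifyFailClosed returns nil only after a positive verification.
func verifyFailClosed(pub ed25519.PublicKey, artifact []byte, sigHex string) error {
	if len(pub) != ed25519.PublicKeySize { // ed25519.Verify panics on a bad key length
		return fmt.Errorf("%w: public key length %d", ErrUnverified, len(pub))
	}
	sig, err := hex.DecodeString(sigHex)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return fmt.Errorf("%w: malformed signature", ErrUnverified)
	}
	if !ed25519.Verify(pub, artifact, sig) {
		return fmt.Errorf("%w: signature mismatch", ErrUnverified)
	}
	return nil
}

// demoSigned signs artifact with a key from a constructed all-0x01 seed (sample data only).
func demoSigned(artifact []byte) (ed25519.PublicKey, string) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{1}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), hex.EncodeToString(ed25519.Sign(priv, artifact))
}

func main() {
	art := []byte("constructed artifact")
	pub, good := demoSigned(art)
	for _, sig := range []string{good, "", "zz"} { // valid, missing, non-hex
		fmt.Printf("open=%v closed=%v\n", verifyFailOpen(pub, art, sig), verifyFailClosed(pub, art, sig))
	}
}
```

In review, the pattern to look for is any error branch in a verification or policy path that returns success or continues the install.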
Output Expectations
- Findings first (severity ordered).
- Exact file references for each finding.
- Explicit note when behavior is scaffold-level only (non-production).