security-pr-checklist-skill
Total installs: 4
Weekly installs: 3
Site-wide rank: #51747
Install command
npx skills add https://github.com/monkey1sai/openai-cli --skill security-pr-checklist-skill
Agent install distribution
opencode: 3
antigravity: 3
replit: 3
claude-code: 3
windsurf: 3
goose: 3
Skill documentation
Security PR Checklist Skill
Standardized security review for pull requests.
PR Security Checklist
## Security Review Checklist
### Authentication & Authorization
- [ ] No hardcoded credentials
- [ ] Authorization checks on all endpoints
- [ ] Session management secure
- [ ] Rate limiting on auth endpoints
### Input Validation
- [ ] All inputs validated
- [ ] Output properly encoded
- [ ] No SQL injection risks
- [ ] No XSS vulnerabilities
### Data Protection
- [ ] Sensitive data encrypted at rest
- [ ] HTTPS enforced
- [ ] No PII in logs
- [ ] Secure cookie configuration
### Dependencies
- [ ] No new high/critical vulnerabilities
- [ ] Dependencies up to date
- [ ] No suspicious packages
### Secrets Management
- [ ] No secrets in code
- [ ] Environment variables used
- [ ] .env files in .gitignore
### Error Handling
- [ ] No sensitive info in errors
- [ ] Generic error messages
- [ ] Proper logging
Output Checklist
- PR template created
- Required security checks
- Common pitfalls documented
- Automated checks in CI
- Review guidelines