← Back to skill catalog
AuditArchitect OS eligible

Security Audit

Scans for auth gaps, hardcoded secrets, missing RLS, XSS, CSRF, unprotected routes, exposed env vars.

How to activate

Say any of these phrases in your IDE to trigger this skill:

run security auditsecurity scancheck securityaudit auth

Run via CLI

enterprise-skills run security-audit

Aliases:

security-scanauth-audit

Relationships

Depends on:

Governance Enforcement

Enforces Pre-Code Gate, model roles, preflight resolution, mid-session handoff, execution logging, and feedback capture. Reads .project-ai/ authority pack when available.

Coordinates with:

Full Stack Audit

Runs ALL enterprise audit skills in sequence — security, code review, API contracts, dependency audit, pre-deploy, testing verification.

Project Manager

Enterprise-grade PM and orchestration hub. Auto-selects methodology (Agile, SAFe, Lean, PRINCE2, Kanban, CRISP-DM) per project archetype. Reads from the shared context bus to synthesize cross-skill intelligence, process pending signals, recommend next workflows, and provide C-suite dashboards. Combines McKinsey MECE, RAID, OKR, DORA, BCG portfolio, Theory of Constraints, and value stream mapping.

Incident Response

Manages production incidents end-to-end — triage, root cause analysis, remediation, and post-mortem generation.