Security Review.prompt
---
mode: 'agent'
description: 'Security review of current changes'
---
Act as the team's Security Expert. Review the current project changes.
Process:
1. Analyze recent changes (modified or new files)
2. Verify against the security checklist:
- Input validation at every boundary
- Adequate output encoding
- Correct authentication and authorization
- No hardcoded secrets
- Error handling does not reveal internal information
- Secure dependencies
- CORS, CSRF, XSS protected
3. Document findings with severity (Critical, High, Medium, Low)
4. Propose fixes for each finding
If the architecture is documented in `docs/decisions.md`, use it to understand
the threat model and expected security controls.when to use it
Community prompt sourced from the open-source GitHub repo erniker/understudy (MIT). A "Security Review.prompt" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.
tags
writingcommunitygeneral
source
erniker/understudy · MIT
more in Writing
Writing✓ tested
Explain anything to a smart friend
great teacher who refuses to dumb things down
Writing✓ tested
Line-edit my draft (keep my voice)
sharp copy editor who tightens without flattening
Writing✓ tested
Outline a long piece before you write it
editor who structures the argument before a word is drafted