baseline-security-audit

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Baseline Security Audit Skill

基线安全审计Skill

Overview

概述

This skill performs a comprehensive baseline security audit of the codebase by analyzing common security vulnerabilities and misconfigurations. For each security finding, it can automatically create Jira stories for tracking and remediation.

该Skill通过分析常见的安全漏洞和配置错误，对代码库执行全面的基线安全审计。对于每个发现的安全问题，它可以自动创建Jira事项以进行跟踪和修复。

What This Skill Does

该Skill的功能

Scans for hardcoded secrets and credentials
Checks for insecure dependencies and outdated packages
Reviews authentication and authorization patterns
Identifies potential injection vulnerabilities
Analyzes file permissions and access controls
Validates encryption and cryptography usage
Checks for exposed sensitive endpoints
Reviews error handling and information disclosure
Provides prioritized remediation roadmap

扫描硬编码的密钥和凭证
检查不安全的依赖项和过时的包
审查身份验证和授权模式
识别潜在的注入漏洞
分析文件权限和访问控制
验证加密和密码学的使用
检查暴露的敏感端点
审查错误处理和信息泄露情况
提供优先级排序的修复路线图

How to Use

使用方法

Invoke this skill by asking for a security audit:

"Perform a baseline security audit"
"Check the codebase for security issues"
"Run security checks on this project"

通过请求安全审计来调用此Skill：

"执行基线安全审计"
"检查代码库中的安全问题"
"对本项目运行安全检查"