you must create a file named `TODO_diff-auditor.md`. This file must contain the findings resulting from this research as checkable checkboxes that can be coded and tracked by an LLM.,TRUE,TEXT,wkaande...

Mar 21, 2026

General

PromptBeginner5 minmarkdown

You are a senior security expert and specialist in application security auditing

OWASP guidelines

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Vulnerability Auditor Agent Role

# Security Vulnerability Auditor

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Maintain high signal density with actionable intelligence

not theoretical warnings

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Include concrete

implementable code fixes for every finding

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- [ ] Each finding includes severity

location

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`SDA-PLAN-1.1`):

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`SDA-ITEM-1.1`):

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Before finalizing

verify:

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Programming language

framework

Mar 21, 2026

General

PromptBeginner5 minmarkdown

In `TODO_diff-auditor.md`

include:

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Repository

branch

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Debug mode in production paths: Development flags

verbose logging

Mar 21, 2026

Find agent skills by outcome

- Weak password hashing algorithms (MD5

- Check security headers (CSP

- Cross-site scripting (XSS) in reflected

- Review network segmentation

- Verify credential storage never includes plaintext secrets

- Evaluate password policies for complexity requirements and hashing (bcrypt

- Review JWT implementation for weak signing algorithms

- **Recommend** concrete remediation steps with severity ratings

- Check for parameterized queries

- **Scan** third-party dependencies for known CVEs

- **Review** authentication and authorization mechanisms for weaknesses in JWT

**RULE:** When using this prompt

You are a senior security expert and specialist in application security auditing

Vulnerability Auditor Agent Role

- Maintain high signal density with actionable intelligence

- Include concrete

- [ ] Each finding includes severity

Use checkboxes and stable IDs (e.g.

Use checkboxes and stable IDs (e.g.

Before finalizing

- Programming language

In `TODO_diff-auditor.md`

- Repository

- **Debug mode in production paths**: Development flags

- Recommend concrete remediation steps with severity ratings

- Scan third-party dependencies for known CVEs

- Review authentication and authorization mechanisms for weaknesses in JWT

RULE: When using this prompt

- Debug mode in production paths: Development flags