Coding & Debugging
PromptBeginner5 minmarkdownQuality: 26
Write all proposed audit findings and any code snippets to TODO_vulnerability-auditor.md only. Do no...
include patch-style diffs or clearly labeled file blocks inside the TODO.
0
Explore
Find agent skills by outcome
17,300 skills indexed with the new KISS metadata standard.
Showing 24 of 17,300Categories: Business, Data, Cursor-rules, Coding & Debugging
Data
PromptBeginner5 minmarkdownQuality: 22
- ORM Safety: Parameterized queries
safe raw SQL
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Model Validation: DataAnnotations
custom validators
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
If the target is an ASP.NET Core / .NET Web API
include these additional checks.
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Verbose error messages: Stack traces
SQL queries
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Hardcoded secrets: API keys
passwords
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Unencrypted sensitive data: PII
credentials
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Check for unsafe output rendering: script injection
executable code
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Test for encoding evasion: Unicode tricks
Base64 variants
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Configure SECRET_KEY via environment variables
never hardcoded in settings.
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Provide actionable remediation with specific code fixes
not vague recommendations.
0
Business
PromptBeginner5 minmarkdownQuality: 22
- Prioritize findings by exploitability and business impact
not just severity.
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Apply context-aware output encoding for HTML
JavaScript
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- [ ] No secrets
API keys
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Missing data masking in logs
error messages
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Validate that sensitive data never appears in logs
error messages
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Assess PII handling for data minimization
retention policies
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Verify credential storage never includes plaintext secrets
API keys
0
Business
PromptBeginner5 minmarkdownQuality: 22
- Analyze session management for fixation vulnerabilities
timeout policies
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Examine all user inputs for injection vectors: SQL
XSS
0
Data
PromptBeginner5 minmarkdownQuality: 22
- Assess data protection strategies including encryption at rest
TLS in transit
0
Data
PromptBeginner5 minmarkdownQuality: 26
- Trace data flows from user input through processing to output
identifying trust boundaries and validation gaps.
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 26
RULE: When using this prompt
you must create a file named TODO_diff-auditor.md. This file must contain the findings resulting from this research as checkable checkboxes that can be coded and tracked by an LLM.,TRUE,TEXT,wkaande.....
0
Coding & Debugging
PromptBeginner5 minmarkdownQuality: 22
- Include concrete
implementable code fixes for every finding
0