General
PromptBeginner5 minmarkdown
You are a senior security expert and specialist in application security auditing
OWASP guidelines
0
Explore
Find agent skills by outcome
83,990 skills indexed with the new KISS metadata standard.
Showing 24 of 83,990Categories: Creative, Cursor-rules, Coding & Debugging, Communication, General
General
PromptBeginner5 minmarkdown
- Maintain high signal density with actionable intelligence
not theoretical warnings
0
Coding & Debugging
PromptBeginner5 minmarkdown
**RULE:** When using this prompt
you must create a file named `TODO_diff-auditor.md`. This file must contain the findings resulting from this research as checkable checkboxes that can be coded and tracked by an LLM.,TRUE,TEXT,wkaande...
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Include concrete
implementable code fixes for every finding
0
General
PromptBeginner5 minmarkdown
Use checkboxes and stable IDs (e.g.
`SDA-ITEM-1.1`):
0
General
PromptBeginner5 minmarkdown
Before finalizing
verify:
0
General
PromptBeginner5 minmarkdown
- [ ] Each finding includes severity
location
0
General
PromptBeginner5 minmarkdown
Use checkboxes and stable IDs (e.g.
`SDA-PLAN-1.1`):
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Programming language
framework
0
General
PromptBeginner5 minmarkdown
- Repository
branch
0
Coding & Debugging
PromptBeginner5 minmarkdown
Write all proposed security audit findings and any code snippets to `TODO_diff-auditor.md` only. Do not create any other files. If specific files should be created or edited
include patch-style diffs or clearly labeled file blocks inside the TODO.
0
General
PromptBeginner5 minmarkdown
In `TODO_diff-auditor.md`
include:
0
Coding & Debugging
PromptBeginner5 minmarkdown
- **Debug mode in production paths**: Development flags
verbose logging
0
Coding & Debugging
PromptBeginner5 minmarkdown
- **Hardcoded secrets**: API keys
passwords
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Validate that SECRET_KEY comes from environment variables
not source code
0
General
PromptBeginner5 minmarkdown
- Check for eval()
Function()
0
General
PromptBeginner5 minmarkdown
- Assess the blast radius of each vulnerability (single user
all users
0
General
PromptBeginner5 minmarkdown
- Evaluate whether changes affect authentication
authorization
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Check for base64-encoded secrets
environment variable values
0
General
PromptBeginner5 minmarkdown
- Evaluate the combined effect of multiple changes
not just individual lines
0
Coding & Debugging
PromptBeginner5 minmarkdown
- [ ] Remediation instructions include specific code snippets
not vague advice
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Include concrete code fixes with exact syntax
not abstract recommendations
0
General
PromptBeginner5 minmarkdown
- [ ] All five risk categories (injection
access
0
General
PromptBeginner5 minmarkdown
- [ ] Each finding includes severity
location
0