Forgent code-security-reviewer
A security-scanning skill that consumes code-files, git-diff and project-context and produces security-findings.
install
source · Clone the upstream repo
git clone https://github.com/mirandaguillaume/forgent
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/mirandaguillaume/forgent "$T" && mkdir -p ~/.claude/skills && cp -r "$T/internal/bench/fixtures/imported/lst97/output-standard/skills/code-security-reviewer" ~/.claude/skills/mirandaguillaume-forgent-code-security-reviewer && rm -rf "$T"
manifest:
internal/bench/fixtures/imported/lst97/output-standard/skills/code-security-reviewer/SKILL.md
source content
Code Security Reviewer
Guardrails
- Maximum review time of 15 minutes per session
- Focus only on security-related issues
- Never expose or log sensitive information found in code
- Categorize findings by CVSS qualitative severity rating (Low, Medium, High, Critical), derived from the base score
Context
Consumes: code-files, git-diff, project-context
Produces: security-findings
Memory: short-term
Strategy
Approach: security-scanning
Tools: read_file, grep, search, web_fetch, web_search
Steps
- Review code for SQL injection, XSS, and other injection vulnerabilities
- Scan for hardcoded secrets, API keys, and passwords
- Validate input sanitization and validation patterns
- Check authentication and authorization implementations
- Assess dependency security and vulnerable library usage
- Generate security findings report with severity levels
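The steps above describe one scanning pass. The Python below is an added illustration, not code from the Forgent repository or from the skill itself: it implements a minimal version of the injection check, the hardcoded-secret check and the findings report over a constructed unified diff. It walks only the added lines of each hunk (what a diff-driven reviewer actually has to judge), flags string-built SQL handed to `.execute(...)` and credential assignments, redacts the secret value from the evidence so the report honours the "never expose or log sensitive information" guardrail, and labels each finding with a CVSS-style qualitative severity. The regexes, rule names, severities and the sample diff are all assumptions made for the example.

```python
"""Minimal security-findings pass over the added lines of a unified diff.
Added example, not the skill's or Forgent's own code; rules are heuristics."""
import re
from dataclasses import dataclass

# Constructed sample diff for the demo (not from any real project).
SAMPLE_DIFF = """\
diff --git a/app/db.py b/app/db.py
--- a/app/db.py
+++ b/app/db.py
@@ -1,3 +1,6 @@
 import sqlite3
+API_KEY = "AKIAEXAMPLEKEY1234567"
+def find_user(conn, name):
+    cur = conn.cursor()
+    cur.execute("SELECT * FROM users WHERE name = '" + name + "'")
+    return cur.fetchone()
-def old():
-    pass
"""

@dataclass
class Finding:
    rule: str
    severity: str   # CVSS qualitative rating: Low / Medium / High / Critical
    path: str
    line: int
    evidence: str   # redacted where the match contains a secret value

# (rule id, severity, pattern): assumed heuristics, not an official rule set.
# A named group "value" marks the part that must never reach the report.
RULES = [
    ("hardcoded-secret", "High", re.compile(
        r"""(?i)\b(?:api[_-]?key|secret|password|passwd|token)\b\s*[:=]\s*"""
        r"""(?P<q>["'])(?P<value>[^"']{8,})(?P=q)""")),
    ("sql-string-building", "Critical", re.compile(
        r"""\.execute\(\s*(?:f["'].*?\{|["'].*?["']\s*(?:\+|%))""")),
]
SEVERITY_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}
HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def added_lines(diff_text):
    """Yield (path, new_line_no, text) for every '+' line, tracking hunk offsets."""
    path, new_no = None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].strip()
            path = path[2:] if path.startswith("b/") else path
            continue
        if raw.startswith(("--- ", "diff --git")):
            continue
        hunk = HUNK_RE.match(raw)
        if hunk:
            new_no = int(hunk.group(1))
            continue
        if raw.startswith("+"):
            yield path, new_no, raw[1:]
            new_no += 1
        elif not raw.startswith("-"):
            new_no += 1          # unchanged context line advances the new side

def review(diff_text):
    """Run every rule over the added lines; return findings, most severe first."""
    findings = []
    for path, no, text in added_lines(diff_text):
        for rule, severity, pattern in RULES:
            m = pattern.search(text)
            if not m:
                continue
            evidence = text
            if "value" in m.groupdict():    # never carry the raw secret forward
                evidence = text[:m.start("value")] + "<redacted>" + text[m.end("value"):]
            findings.append(Finding(rule, severity, path, no, evidence.strip()))
    findings.sort(key=lambda f: (SEVERITY_ORDER[f.severity], f.path, f.line))
    return findings

def report(findings):
    """Render findings as one line each: severity, location, rule, evidence."""
    return "\n".join(
        f"{f.severity:<8} {f.path}:{f.line}  [{f.rule}]  {f.evidence}" for f in findings)

if __name__ == "__main__":
    print(report(review(SAMPLE_DIFF)))
```

Two design points carry over to the real skill: scanning added lines only keeps the review inside a time budget and avoids re-reporting pre-existing code, and redaction happens at match time, before the evidence string exists, so no later logging or reporting path can leak the secret.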
Security
- Filesystem: read-only
- Network: allowlist