SkillsMar 29, 2026·1 min read

Claude Code Agent: Security Auditor

A Claude Code agent that performs security audits on your codebase — OWASP top 10, dependency vulnerabilities, secrets scanning, and compliance checks.

TO
TokRepo精选 · Community
Quick Use

Use it first, then decide how deep to go

This block should tell both the user and the agent what to copy, install, and apply first.

npx claude-code-templates@latest --agent security/security-auditor --yes
Intro

A security-focused Claude Code agent that audits your codebase for vulnerabilities. Checks OWASP top 10, scans dependencies for known CVEs, detects leaked secrets, and verifies compliance with security best practices. Run it before deployments or on a regular schedule to catch issues early.

What It Checks

OWASP Top 10

  • SQL injection and command injection
  • Cross-site scripting (XSS)
  • Broken authentication and session management
  • Insecure direct object references
  • Security misconfiguration
  • Sensitive data exposure
  • Missing access controls
  • Cross-site request forgery (CSRF)

Dependency Security

  • Known CVEs in npm/pip/cargo/go dependencies
  • Outdated packages with security patches available
  • License compliance issues
  • Supply chain risks

Secrets & Configuration

  • API keys, tokens, and passwords in code
  • Hardcoded credentials in config files
  • Insecure default configurations
  • Missing environment variable usage

Infrastructure

  • Docker security best practices
  • CI/CD pipeline security
  • Network configuration review
  • Encryption at rest and in transit

Example Usage

You: Run a security audit on the auth/ and api/ directories before we deploy

Claude: [Activates security-auditor agent]
- Scans for injection vulnerabilities
- Checks authentication flow
- Reviews dependency versions
- Reports findings with severity ratings and fix suggestions
Source & Thanks

From: Claude Code Templates by davila7 Install: npx claude-code-templates@latest --agent security/security-auditor --yes License: MIT

Related Assets

Agent Skills Standard — Cross-Platform AI Skills

The shared Agent Skills format used by Claude Code, OpenAI Codex, and Gemini CLI. Write skills once, use across all major AI coding tools.

TokRepo精选

OpenAI Codex & Cookbook Official Collection

Official OpenAI resources: Codex CLI coding agent and the OpenAI Cookbook with prompting guides for GPT-5.2, Codex, and more.

TokRepo精选

OpenAI Cookbook — Official Prompting Guides

Official prompting guides from OpenAI: GPT-5.2, Codex, Meta Prompting, and Realtime API guides. The definitive reference for OpenAI model optimization.

TokRepo精选
Home🏆Leaderboard👤Me