What triggers a security-review?

Code changes involving security-sensitive areas or user-facing features, or as part of the /review-security workflow, especially when a higher-stakes implementation is involved.

What happens if a Critical finding is discovered?

The security review failure halts the implementation and requires remediation before merge.

How are findings documented?

Every finding must include the affected file paths and line numbers, plus actionable remediation steps, with OWASP references where applicable.

security-review

Scanned

npx machina-cli add skill a5c-ai/babysitter/security-review --openclaw

Files (1)

SKILL.md

1.4 KB

Security Review

Overview

Identify security vulnerabilities in code changes. Covers OWASP categories, injection vectors, authentication/authorization issues, data exposure, and dependency risks.

When to Use

After code review passes (or in parallel)
Before any code merge involving user-facing changes
As part of the /review-security command
Mandatory for high-stakes implementations

Process

Identify modified files with security relevance
Scan for common vulnerability patterns
Assess authentication and authorization changes
Check for data exposure risks
Evaluate dependency security
Classify severity and provide recommendations

Severity Levels

Critical: Immediate exploitation risk
High: Significant vulnerability requiring fix before merge
Medium: Vulnerability that should be addressed soon
Low: Minor security improvement opportunity

Key Rules

Security review failure halts implementation
All findings must include file paths and line numbers
Provide actionable remediation steps
Reference OWASP categories where applicable

Tool Use

Invoke via babysitter process: methodologies/rpikit/rpikit-review

Source

git clone https://github.com/a5c-ai/babysitter/blob/main/plugins/babysitter/skills/babysit/process/methodologies/rpikit/skills/security-review/SKILL.md

View on GitHub

Overview

The Security Review analyzes code changes to identify vulnerabilities across OWASP categories, injection vectors, authentication/authorization flaws, data exposure, and dependency risks. It classifies findings by severity and provides actionable remediation guidance to prevent security regressions before merge.

How This Skill Works

The review identifies modified files with security relevance, scans for common vulnerability patterns, and assesses changes to authentication and authorization logic. Findings are annotated with file paths and line numbers, severities, and remediation steps, aligned to OWASP references.

When to Use It

After code review passes (or in parallel)
Before any code merge involving user-facing changes
As part of the /review-security command
Mandatory for high-stakes implementations
During CI gates or PR checks to enforce security before merge

Quick Start

Step 1: Identify modified files with security relevance
Step 2: Run the babysitter rpikit-review tool: methodologies/rpikit/rpikit-review
Step 3: Review findings with file paths, line numbers, severity, and remediation; re-run until issues are resolved

Best Practices

Identify modified files with security relevance
Scan for common vulnerability patterns
Assess authentication and authorization changes
Check for data exposure risks
Evaluate dependency security

Example Use Cases

A PR changes input handling in a web API and introduces an injection risk due to unsafe query construction
Authentication flow changes broaden access rights beyond intended scopes
API responses leak sensitive fields without proper redaction or filtering
Updated dependencies introduce a known vulnerability in a transitive package
Logging or error messages expose tokens or credentials

Frequently Asked Questions

Add this skill to your agents