{"id":"ce14171b-6085-4ce6-a271-8b028908a084","shortId":"vdD7wC","kind":"skill","title":"pr-security-review","tagline":"Use this skill to review a PR or diff for security regressions. Do not use it for full-repository audits or legal contract review.","description":"# pr-security-review\n\n## English\n\n### Purpose\n\nReview the current PR, diff, or changed-files summary for security regressions.\n\n### When to use\n\n- The user asks to review a PR.\n- The user asks whether a diff introduces security risk.\n- The user asks for blocking issues or missing tests.\n\n### When not to use\n\n- Full-repository audits.\n- Smart-contract protocol audits.\n- Legal contract review.\n- Requests to auto-fix every issue.\n\n### Workflow\n\n1. Identify changed files and affected call paths.\n2. Classify PR risk level L0-L3.\n3. Check authz, data access, secrets, dependencies, dangerous sinks, and missing tests.\n4. Output blocking issues and non-blocking issues.\n5. Do not modify files.\n\n### Output format\n\n- Risk level\n- Blocking issues\n- Non-blocking issues\n- Missing tests\n- Security boundary changes\n- Verdict: approve / approve with comments / request changes\n\n### Safety rules\n\nDefault audit-only. 
Do not commit, push, merge, or edit files.\n\n\n### Canonical finding format\n\n```yaml\nid: F-001\nseverity: Critical | High | Medium | Low | Informational\nconfidence: High | Medium | Low\ncategory:\naffected_code:\nroot_cause:\nexploit_path:\npreconditions:\nimpact:\nevidence:\nminimal_fix:\nregression_test:\nauto_fix_suitability: Safe | Needs Human Review | Do Not Auto-Fix\nnotes:\n```\n\n### v0.6 operational guardrails\n\n- Keep the skill within its stated trigger conditions and the user's explicitly provided scope.\n- Preserve project safety boundaries: audit-only by default; Do not execute exploits, Do not auto-merge, Do not upload private source code or secrets, and do not scan unrelated repositories without explicit user request.\n- Ask for explicit human approval before patching high-risk auth, IAM, governance, funds, terminal, or agent-tooling behavior.\n- Report validation performed, files changed, residual risk, and any skipped future-phase work when finished.\n\n## Chinese\n\n### Purpose\n\nUse this skill to perform PR security review. It should help the reviewer organize input boundaries, risk evidence, impact, remediation advice, and regression tests into security output that can be independently re-checked.\n\n### Trigger conditions\n\nApplies when a PR, diff, or changed-files summary already exists and you need to assess security regressions, blocking issues, and missing tests. If the request goes beyond these boundaries, first explain the scope difference, then choose a more suitable prompt, skill, or human review path.\n\n### When not to use\n\nDo not use it for full-repository audits, in-depth smart-contract protocol audits, legal contract review, or auto-fixing every issue. Do not treat this skill as permission to automatically scan the whole repository, execute exploits, upload private source code or secrets, auto-commit, auto-push, or auto-merge.\n\n### Workflow\n\n1. Establish the user's stated goal, the materials you are allowed to view, and the scope that must not be touched.\n2. Gather the necessary context, but read only the files, diffs, workflows, fixtures, or documentation needed to complete the task.\n3. Identify trust boundaries, privileged operations, sensitive data, preconditions, and security impact.\n4. Report only findings backed by evidence; where context is missing, write a question or an assumption.\n5. For each confirmed issue, propose a minimal fix, and plan the minimal regression tests for the blocking issues along with tests for the directly affected call paths.\n6. When finished, report validation output, residual risk, and items that need human confirmation.\n\n### Safety rules\n\nAudit-only by default. Without explicit authorization, do not patch, commit, push, create a PR, or merge. Do not execute exploits, do not access production systems, and do not print secrets. Fixes that touch IAM, the authz model, funds, governance, terminal execution, or agent-tooling permissions must go through human review.\n\n### Output requirements\n\nUse the canonical finding format. Every finding must include severity, confidence, category, affected_code, root_cause, exploit_path, preconditions, impact, evidence, minimal_fix, regression_test, auto_fix_suitability, and notes.",
"tags":["security","review","audit","playbook","edmund-xl","agent-skills","chatgpt","codex","devsecops","mcp","smart-contracts"],"capabilities":["skill","source-edmund-xl","skill-pr-security-review","topic-agent-skills","topic-audit","topic-chatgpt","topic-codex","topic-devsecops","topic-mcp","topic-security","topic-smart-contracts"],"categories":["ai-security-audit-playbook"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/edmund-xl/ai-security-audit-playbook/pr-security-review","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add edmund-xl/ai-security-audit-playbook","source_repo":"https://github.com/edmund-xl/ai-security-audit-playbook","install_from":"skills.sh"}},"qualityScore":"0.453","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 7 github stars · SKILL.md body (2,961 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:13:43.979Z","embedding":null,"createdAt":"2026-05-18T13:21:29.522Z","updatedAt":"2026-05-18T19:13:43.979Z","lastSeenAt":"2026-05-18T19:13:43.979Z",
"prices":[{"id":"1643447b-1f4c-4d44-aa88-cc65b32630b6","listingId":"ce14171b-6085-4ce6-a271-8b028908a084","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"edmund-xl","category":"ai-security-audit-playbook","install_from":"skills.sh"},"createdAt":"2026-05-18T13:21:29.522Z"}],"sources":[{"listingId":"ce14171b-6085-4ce6-a271-8b028908a084","source":"github","sourceId":"edmund-xl/ai-security-audit-playbook/pr-security-review","sourceUrl":"https://github.com/edmund-xl/ai-security-audit-playbook/tree/main/skills/pr-security-review","isPrimary":false,"firstSeenAt":"2026-05-18T13:21:29.522Z","lastSeenAt":"2026-05-18T19:13:43.979Z"}],"details":{"listingId":"ce14171b-6085-4ce6-a271-8b028908a084","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"edmund-xl","slug":"pr-security-review","github":{"repo":"edmund-xl/ai-security-audit-playbook","stars":7,"topics":["agent-skills","audit","chatgpt","codex","devsecops","mcp","security","smart-contracts"],"license":"mit","html_url":"https://github.com/edmund-xl/ai-security-audit-playbook","pushed_at":"2026-05-13T02:30:26Z","description":"Local-first, audit-only security review playbook for AI coding agents: prompts, skills, read-only MCP, findings, and regression tests.","skill_md_sha":"da3a2ed0a87a06c9013b3ffe27d48598a7e8bda0","skill_md_path":"skills/pr-security-review/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/edmund-xl/ai-security-audit-playbook/tree/main/skills/pr-security-review"},"layout":"multi","source":"github","category":"ai-security-audit-playbook","frontmatter":{"name":"pr-security-review","description":"Use this skill to review a PR or diff for security regressions. 
Do not use it for full-repository audits or legal contract review."},"skills_sh_url":"https://skills.sh/edmund-xl/ai-security-audit-playbook/pr-security-review"},"updatedAt":"2026-05-18T19:13:43.979Z"}}