security-review
Conducts thorough security code reviews to identify vulnerabilities and ensure robust application security.
Security score: 37/100
The security-review skill was audited on May 26, 2026 and we found 9 security issues across 2 threat categories, including 3 high-severity. Review the findings below before installing.
Security Issues
high line 191
Direct command execution function call
Source: SKILL.md
| 191 | exec(user_input) # Any language |
high line 197
Direct command execution function call
Source: SKILL.md
| 197 | child_process.exec(user) # Node.js |
high line 190
Eval function call - arbitrary code execution
Source: SKILL.md
| 190 | eval(user_input) # Any language |
medium line 206
Template literal with variable interpolation in command context
Source: SKILL.md
| 206 | `SELECT * FROM x WHERE ${user}` # SQL injection |
medium line 207
System command execution
Source: SKILL.md
| 207 | os.system(f"cmd {user_input}") # Command injection |
low line 197
Node child_process module reference
Source: SKILL.md
| 197 | child_process.exec(user) # Node.js |
medium line 207
Python os.system command execution
Source: SKILL.md
| 207 | os.system(f"cmd {user_input}") # Command injection |
low line 10
External URL reference
Source: SKILL.md
| 10 | https://cheatsheetseries.owasp.org/ |
low line 58
External URL reference
Source: SKILL.md
| 58 | | Hardcoded values | `BASE_URL = "https://api.internal"` | Compile-time constants | |
Scanned on May 26, 2026