007

Provides comprehensive security audits, threat modeling, and incident response for projects, ensuring robust infrastructure security.

Install this skill

or

0/100

Security score

The 007 skill was audited on May 14, 2026 and we found 23 security issues across 3 threat categories, including 4 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 207

Direct command execution function call

SourceSKILL.md

207	- [ ] Nenhum uso de eval(), exec() com input externo

critical line 386

Direct command execution function call

SourceSKILL.md

386	- Novo codigo contendo `eval()`, `exec()`, `subprocess`, `os.system()`

critical line 207

Eval function call - arbitrary code execution

SourceSKILL.md

207	- [ ] Nenhum uso de eval(), exec() com input externo

critical line 386

Eval function call - arbitrary code execution

SourceSKILL.md

386	- Novo codigo contendo `eval()`, `exec()`, `subprocess`, `os.system()`

high line 386

System command execution

SourceSKILL.md

386	- Novo codigo contendo `eval()`, `exec()`, `subprocess`, `os.system()`

medium line 125

Node child_process module reference

SourceSKILL.md

125	- Onde ha execucao de codigo (eval, exec, subprocess, child_process)

high line 386

Python os.system command execution

SourceSKILL.md

386	- Novo codigo contendo `eval()`, `exec()`, `subprocess`, `os.system()`

medium line 52

Webhook reference - potential data exfiltration

SourceSKILL.md

52	\| APIs \| REST, GraphQL, OAuth, JWT, webhooks, CORS, rate limit \|

medium line 54

Webhook reference - potential data exfiltration

SourceSKILL.md

54	\| Pagamentos \| PCI-DSS mindset, antifraude, idempotencia, webhooks financeiros \|

medium line 114

Webhook reference - potential data exfiltration

SourceSKILL.md

114	- De onde vem dados? (usuario, API, arquivo, banco, agente, webhook)

medium line 153

Webhook reference - potential data exfiltration

SourceSKILL.md

153	\| Spoofing \| Alguem pode se passar por outro? \| Token roubado, webhook falso \|

medium line 222

Webhook reference - potential data exfiltration

SourceSKILL.md

222	- [ ] Assinatura de webhooks verificada

medium line 390

Webhook reference - potential data exfiltration

SourceSKILL.md

390	- Configuracao de API, webhook ou autenticacao sendo alterada

medium line 408

Webhook reference - potential data exfiltration

SourceSKILL.md

408	\| whatsapp-cloud-api \| 007 verifica compliance, anti-ban, seguranca de webhooks \|

medium line 410

Webhook reference - potential data exfiltration

SourceSKILL.md

410	\| telegram \| 007 verifica seguranca de bot, token storage, webhook validation \|

medium line 521

Webhook reference - potential data exfiltration

SourceSKILL.md

521	## Playbook: Webhook Falso / Replay Attack

low line 528

Webhook reference - potential data exfiltration

SourceSKILL.md

528	- Suspender processamento de webhooks

low line 532

Webhook reference - potential data exfiltration

SourceSKILL.md

532	- Quais webhooks foram aceitos indevidamente?

low line 533

Webhook reference - potential data exfiltration

SourceSKILL.md

533	- Houve acao financeira baseada em webhook falso?

low line 543

Webhook reference - potential data exfiltration

SourceSKILL.md

543	- Assinatura obrigatoria em TODOS os webhooks

low line 546

Webhook reference - potential data exfiltration

SourceSKILL.md

546	- Alertas para webhooks de fontes desconhecidas

medium line 619

Webhook reference - potential data exfiltration

SourceSKILL.md

619	- `references/payment-security.md` — PCI-DSS, antifraude, webhooks financeiros

medium line 387

Access to .env file

SourceSKILL.md

387	- Arquivo `.env` ou segredo sendo commitado/modificado

Scanned on May 14, 2026

View Security Dashboard

Installation guide →

GitHub Stars 37.5K

Rate this skill

Categorydevelopment

UpdatedMay 20, 2026

claude-code antigravity cursor gemini-cli security-engineer devops-sre qa-engineer technical-pm product-manager development product

sickn33/antigravity-awesome-skills