Security Audit Scan
Scan for CVEs, OWASP risks, hardcoded secrets, and security misconfigurations
Example Prompt
Run a security audit on our project — check dependencies for CVEs, scan for hardcoded secrets, and report any OWASP risks
About
Performs a comprehensive security audit by scanning project dependencies for known CVEs, reading source files for OWASP Top 10 vulnerability patterns and hardcoded secrets, then reasoning through findings to assess exploitability and severity. Produces a prioritized report with remediation guidance for each finding.
Workflow Steps
List project directories to identify dependency manifests, config files, and source code
📁 List Directory
Read dependency files and source code to detect vulnerable packages, hardcoded secrets, and insecure patterns
📄 Read File
Cross-reference findings against CVE databases and OWASP advisory resources
🌐 Web Search
Assess each finding's severity and exploitability, then prioritize remediations
🧠 Structured Reasoning
Write a structured security audit report with severity ratings and remediation steps
✏️ Write File
Tools Used
Web Search
Search the web using Brave Search and return relevant results with snippets
List Directory
List all files and subdirectories in a given directory path
Read File
Read the contents of a file at a specified path on the local filesystem
Write File
Write or overwrite a file at a specified path with the given content
Structured Reasoning
Break down a complex problem into sequential reasoning steps with explicit chain-of-thought