security-review

Pre-merge security sweep on the current branch's diff.

Score 0 | Official | Code | by Anthropic

Install

Built into Claude Code. Invoke with /security-review.

Best for

Every PR before merge — catches the mechanical security issues a hurried human review misses.

About this skill

Security review of pending changes on the current branch — injection, auth bypass, race conditions, secrets, OWASP Top 10.

Tags: Security, Review, OWASP

Score breakdown

Rubric 1.0

Install count: 0/20
Provenance: 15/15
GitHub stars: 0/15
Recency: 10/10
Compatibility: 2/10
Documentation depth: 6.5/10
Install ergonomics: 10/10
License: 5/5
Verification freshness: 5/5

Composite 0–100 score derived from 9 verifiable signals.

Security audits run by a real security firm. CodeQL + Semgrep + audit workflows.

Tags: CodeQL, Semgrep, Audit
Code

Kubernetes hardening by the book. NetworkPolicies, RBAC, OPA, service mesh.

Tags: Kubernetes, RBAC, OPA
Code

Real exploits, no false positives. 96.15% exploit success across 50+ vuln types.

Tags: Pentest, Exploitation, Action-taking
Code

Skill FAQ

About security-review

What is the security-review skill?

Security review of pending changes on the current branch — injection, auth bypass, race conditions, secrets, OWASP Top 10.

Which agents does security-review work with?

Claude Code.

How do I install security-review?

See the install panel on this page for the per-agent install commands.

Is security-review free to use?

Yes — security-review is open source (MIT).

Who maintains security-review?

security-review is published by Anthropic and was last updated on 2026-05-20.

What is security-review best for?

Every PR before merge — catches the mechanical security issues a hurried human review misses.