security▌

Comprehensive security guidelines for Perl applications covering input validation, injection prevention, and secure coding practices.

Repository-grounded threat modeling that maps trust boundaries, assets, and abuse paths to concrete code evidence. \n \n Enumerates entry points, data flows, and trust boundaries anchored to actual repository structure and configuration \n Derives realistic attacker goals tied to specific assets (credentials, PII, integrity-critical state, compute resources) rather than generic checklists \n Prioritizes threats using likelihood and impact reasoning, with explicit assumptions about deployment, au

Language and framework-specific security reviews with actionable vulnerability detection and fix guidance. \n \n Supports Python, JavaScript/TypeScript, and Go with framework-specific best practices loaded from a references directory \n Operates in three modes: secure-by-default code generation, passive vulnerability detection during development, and full security audit reports with severity prioritization \n Generates detailed markdown reports with line-number references, impact statements, and

Specialized workflow for testing web applications against OWASP Top 10 vulnerabilities including injection attacks, XSS, broken authentication, and access control issues.

Security audit patterns for authorization, data access, action isolation, rate limiting, and sensitive operations in Convex applications. \n \n Covers five core security areas: role-based access control with hierarchical permissions, data access boundaries with ownership verification, action isolation for external API calls, rate limiting with configurable windows, and two-factor confirmation for destructive operations \n Includes complete TypeScript examples for RBAC implementation, permission-

5 commands for token risk analysis, DApp phishing detection, transaction pre-execution security, signature safety, and approval management.

Master smart contract security with vulnerability detection, auditing methodology, and incident response procedures.

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.

Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. \n \n Conducts SAST scans, dependency audits, secrets scanning, and manual code review across authentication, input handling, and cryptography \n Supports penetration testing, infrastructure security audits, and cloud security reviews with scope verification and rules of engagement enforcement \n Produces severity-rated findings (Critical/High/Medium/Low/In

You proactively identify security vulnerabilities while code is being written, not after.