---
name: security
description: Rapid security assessment focused on OWASP Top 10 vulnerabilities
---

Security Quick Audit

Rapid security assessment focused on OWASP Top 10 vulnerabilities.

Purpose

Perform a quick security scan to identify common vulnerabilities:

  • Hardcoded secrets and credentials
  • SQL injection risks
  • XSS vulnerabilities
  • Insecure dependencies
  • Authentication/authorization issues

Instructions

Step 1: Secrets Scan

```bash
# Common secret patterns. The brace list after --include must stay unquoted so the
# shell expands it into one --include per extension; a quoted "*.{js,ts}" glob is
# passed to grep literally and matches no files at all.
grep -rn --include=*.{js,ts,py,go,java,rb,php,env} \
  -E "(password|secret|api_key|apikey|token|auth|credential).*[=:].*['\"][^'\"]{8,}['\"]" \
  --exclude-dir={node_modules,vendor,.git,dist,build} . 2>/dev/null | head -20

# .env files that might be committed
find . -name ".env*" -not -path "*/node_modules/*" -type f 2>/dev/null

# Check if secrets are gitignored
if [ -f ".gitignore" ] && grep -q "\.env" .gitignore; then
  echo "✅ .env in .gitignore"
else
  echo "⚠️ .env NOT in .gitignore"
fi
```

Step 2: Injection Vulnerabilities

```bash
# SQL injection patterns (raw queries built with string concatenation or formatting)
grep -rn --include=*.{js,ts,py,go,java,php} \
  -E "(query|execute|raw|sql).*\+|f['\"].*SELECT|\.format\(.*SELECT" \
  --exclude-dir={node_modules,vendor,.git} . 2>/dev/null | head -15

# Command injection patterns ([[:space:]] instead of \s for portability across grep builds)
grep -rn --include=*.{js,ts,py,go,rb,php} \
  -E "(exec|spawn|system|shell_exec|popen)[[:space:]]*\(" \
  --exclude-dir={node_modules,vendor,.git} . 2>/dev/null | head -15
```

Step 3: XSS Patterns

```bash
# Dangerous innerHTML/dangerouslySetInnerHTML usage
grep -rn --include=*.{js,ts,jsx,tsx,vue} \
  -E "(innerHTML|dangerouslySetInnerHTML|v-html)" \
  --exclude-dir={node_modules,.git,dist} . 2>/dev/null | head -15

# Unescaped template literals in HTML context. Single quotes keep the backtick and
# the escaped $ literal; inside double quotes \$ became a bare $, which grep -E
# treats as an end-of-line anchor, so the pattern could never match.
grep -rn --include=*.{js,ts,jsx,tsx} \
  -E '`.*\$\{.*\}.*<' \
  --exclude-dir={node_modules,.git,dist} . 2>/dev/null | head -10
```

Step 4: Dependency Check

```bash
# Check for known vulnerabilities in npm packages
[ -f "package-lock.json" ] && npm audit --json 2>/dev/null | jq '{vulnerabilities: .metadata.vulnerabilities}' 2>/dev/null

# Count outdated packages (npm outdated reports version drift only; cross-check
# anything here against npm audit before calling it a security issue)
[ -f "package.json" ] && npm outdated --json 2>/dev/null | jq 'to_entries | map(select(.value.current != .value.latest)) | length' 2>/dev/null
```

Step 5: Auth & Session Issues

```bash
# Hardcoded JWT secrets
grep -rn --include=*.{js,ts,py,go} \
  -E "(jwt|JWT).*secret.*[=:].*['\"].{8,}['\"]" \
  --exclude-dir={node_modules,vendor,.git} . 2>/dev/null

# State-changing requests: review each call site for CSRF protection
# (this grep lists candidates; it cannot tell whether a token is sent)
grep -rn --include=*.{js,ts,py} \
  -E "(POST|PUT|DELETE|PATCH).*fetch|axios\.(post|put|delete|patch)" \
  --exclude-dir={node_modules,vendor,.git} . 2>/dev/null | head -10
```
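As an added example that is not part of the /security command, the Step 1 checks above rewritten as testable shell functions that emit the report's Critical and High sections, run against a constructed sample tree. The function names, the sample files and their contents are assumptions made for this example.

```shell
# Added example, not the command's own code. --include is given once per extension
# because a quoted "*.{js,py}" glob reaches grep literally and matches no files.
SECRET_RE="(password|secret|api_key|apikey|token|auth|credential).*[=:].*['\"][^'\"]{8,}['\"]"

# secret_hits DIR: one "file:line:text" per candidate hardcoded secret
secret_hits() {
  grep -rnE --include='*.js' --include='*.ts' --include='*.py' --include='*.go' \
    --include='*.java' --include='*.rb' --include='*.php' --include='*.env' \
    --exclude-dir=node_modules --exclude-dir=vendor --exclude-dir=.git \
    --exclude-dir=dist --exclude-dir=build "$SECRET_RE" "$1" 2>/dev/null
}

# env_gitignored DIR: succeeds only if DIR/.gitignore mentions .env
env_gitignored() {
  [ -f "$1/.gitignore" ] && grep -q '\.env' "$1/.gitignore"
}

# audit_secrets DIR: prints the Critical and High sections, then a final
# "<critical> <high>" count line that callers and tests can read
audit_secrets() {
  dir=$1; high=0
  critical=$(secret_hits "$dir" | wc -l | tr -d ' ')
  echo "🔴 Critical Issues"
  secret_hits "$dir" | while IFS=: read -r file line _; do
    echo "hardcoded-secret $file:$line credential literal committed in source"
  done
  echo "🟠 High Severity"
  if ! env_gitignored "$dir"; then
    echo "secrets-exposure $dir/.gitignore .env files are not gitignored"
    high=1
  fi
  echo "$critical $high"
}

# make_sample: constructed (hypothetical) project tree for the demo; prints its path.
# Two real hits, one hit under node_modules that must be excluded, no .env ignore rule.
make_sample() {
  d=$(mktemp -d)
  mkdir -p "$d/node_modules/dep"
  printf 'const api_key = "sk_live_0123456789abcdef";\n' > "$d/config.js"
  printf "secret_key = 'django-insecure-abc123xyz'\n" > "$d/settings.py"
  printf 'token = "ignored_by_exclude_dir_xyz";\n' > "$d/node_modules/dep/index.js"
  printf 'node_modules/\n' > "$d/.gitignore"
  echo "$d"
}

sample=$(make_sample)
audit_secrets "$sample"   # last line printed: "2 1"
rm -rf "$sample"
```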

Output Format

🛡️ Security Audit Report

Scan Date: [timestamp]
Scope: [directory scanned]

🔴 Critical Issues

| Issue | Location | Description |
|---|---|---|
| [type] | [file:line] | [brief description] |

🟠 High Severity

| Issue | Location | Recommendation |
|---|---|---|
| [type] | [file:line] | [fix suggestion] |

🟡 Medium Severity

| Issue | Location | Note |
|---|---|---|
| [type] | [file:line] | [context] |

📊 Summary

  • Critical: X issues
  • High: X issues
  • Medium: X issues
  • Dependencies: X vulnerabilities

🔧 Quick Fixes

  1. [Highest priority fix with command/code]
  2. [Second priority]
  3. [Third priority]

Severity Levels

| Level | Examples | Action |
|---|---|---|
| 🔴 Critical | Hardcoded prod secrets, SQL injection | Fix immediately |
| 🟠 High | Missing auth, XSS vectors | Fix before deploy |
| 🟡 Medium | Outdated deps, missing CSRF | Plan remediation |
| 🟢 Low | Best practice violations | Track for improvement |

Usage

Full audit:

/security

Focus on specific area:

/security auth
/security deps
/security injection

Specific file/directory:

/security src/api/

Notes

  • This is a quick heuristic scan, not a comprehensive security audit
  • For production systems, complement with dedicated tools (Snyk, SonarQube, OWASP ZAP)
  • False positives are possible; verify findings manually
  • See examples/hooks/security-hooks.sh for automated pre-commit security checks

$ARGUMENTS