aiskillstore

security-audit

by aiskillstore

Security-audited skills for Claude, Codex & Claude Code. One-click install, quality verified.

102🍴 3📅 Jan 23, 2026

SKILL.md


name: security-audit
description: Review security of command execution, tool permissions, and API key handling. Use when user mentions "security review", "audit", "check security", "vulnerabilities", or before deploying to production.
allowed-tools: Read, Grep, Glob

Security Audit

Instructions

  1. Command Execution Review (backend/main.py):

    • Check run_terminal_command() for shell injection vulnerabilities
    • Verify timeout is enforced (should be 15 seconds)
    • Look for dangerous command patterns
  2. Tool Permission Review:

    • Verify Chat mode only allows: read_file, web_search
    • Check Agent mode tool restrictions
    • Look for permission bypass vulnerabilities
  3. Secrets Management:

    • Ensure .env is in .gitignore
    • Check no API keys are hardcoded
    • Verify python-dotenv usage for environment variables
  4. WebSocket Security:

    • Check for authentication on /ws endpoint
    • Review message validation
    • Look for injection points in user input
  5. Frontend Security:

    • Check for XSS in markdown rendering
    • Review image upload handling (base64 encoding)
    • Verify no sensitive data in client-side code
  6. Generate report with:

    • Critical issues (immediate action required)
    • Warnings (should fix before production)
    • Recommendations (best practices)

Examples

  • "Run a security audit"
  • "Check for vulnerabilities"
  • "Review security before deploy"

Guardrails

  • This is a READ-ONLY audit; do not modify files
  • Report findings without exploiting vulnerabilities
  • Recommend fixes but get user approval before implementing
  • Never log or expose discovered secrets
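
Added example (not part of the skill or its repository): one way to carry out step 1 within the read-only guardrail is to parse the source with Python's ast module instead of running it. The two sample function bodies are constructed stand-ins for backend/main.py, which this page does not show; the checker's name, the severity labels and the name-based matching are assumptions.

```python
import ast

EXPECTED_TIMEOUT = 15  # seconds, from step 1 of the skill
ALWAYS_SHELL = {"system", "popen", "create_subprocess_shell"}
TIMEOUT_CALLS = {"run", "call", "check_call", "check_output"}

# Constructed samples standing in for backend/main.py, which this page does not show.
WEAK = '''
import subprocess
def run_terminal_command(command):
    return subprocess.run(command, shell=True, capture_output=True, timeout=30)
'''
HARDENED = '''
import shlex, subprocess
def run_terminal_command(command):
    return subprocess.run(shlex.split(command), capture_output=True, timeout=15)
'''

def audit_command_execution(source, func_name="run_terminal_command"):
    """Parse source without executing it; return sorted (severity, line, message) tuples."""
    funcs = [n for n in ast.walk(ast.parse(source))
             if isinstance(n, (ast.FunctionDef, ast.AsyncFunctionDef)) and n.name == func_name]
    if not funcs:
        return [("warning", 0, f"{func_name}() not found")]
    findings = []
    for call in (n for f in funcs for n in ast.walk(f) if isinstance(n, ast.Call)):
        # Heuristic: match on the called attribute/function name only, not the resolved module.
        name = getattr(call.func, "attr", None) or getattr(call.func, "id", "")
        kwargs = {k.arg: k.value for k in call.keywords if k.arg}
        if name in ALWAYS_SHELL:
            findings.append(("critical", call.lineno, f"{name}() always invokes a shell"))
        elif name in TIMEOUT_CALLS | {"Popen"}:
            shell = kwargs.get("shell")
            if shell is not None and not (isinstance(shell, ast.Constant) and not shell.value):
                findings.append(("critical", call.lineno, "shell argument is not a literal False"))
        if name in TIMEOUT_CALLS:
            timeout = kwargs.get("timeout")
            if timeout is None:
                findings.append(("critical", call.lineno, "no timeout argument"))
            elif not isinstance(timeout, ast.Constant):
                findings.append(("warning", call.lineno, "timeout is not a literal; verify by hand"))
            elif timeout.value != EXPECTED_TIMEOUT:
                findings.append(("warning", call.lineno,
                                 f"timeout is {timeout.value}, expected {EXPECTED_TIMEOUT}"))
    return sorted(findings)

if __name__ == "__main__":
    for label, src in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_command_execution(src))
```

The severities map onto the report buckets in step 6; a clean result only means the literal call sites pass, so wrappers and dynamically built arguments still need manual review.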

Score

Total Score

60/100

Based on repository quality metrics

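  • SKILL.md: includes a SKILL.md file (+20)
  • LICENSE: a license is set (0/10)
  • Description: has a description of 100 or more characters (0/10)
  • Popularity: 100 or more GitHub stars (+5)
  • Recent activity: updated within the last month (+10)
  • Forks: forked 10 or more times (0/5)
  • Issue management: fewer than 50 open issues (+5)
  • Language: a programming language is set (+5)
  • Tags: one or more tags are set (+5)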
