security-audit
by Mic23-01
🚀 Antigravity: The definitive template for production-grade Autonomous Agents. Hybrid architecture, dual-layer memory (ChromaDB + Filesystem), sequential thinking, battle-tested guardrails. From concept to deployment in minutes
⭐ 0 🍴 0 📅 Jan 22, 2026
SKILL.md
name: security_audit
description: Security scan for secrets, risky files, and vulnerable dependencies.
version: 1.0.0 (Divine)
author: Antigravity
Operational Instructions
This skill executes a static security audit on the project. It identifies dangerous files, exposed credentials, and broken dependencies.
Trigger
- Pre-Commit: Before uploading sensitive code.
- Refactor: When touching configuration files.
- On-Demand: Explicit request "Verify security".
Inputs
- Target Logic: Directory to scan (default: .).
- Exclude Patterns: Files/Folders to ignore (e.g., .git, .venv, node_modules).
Steps
- Secret Scanning: Search for Regex patterns (AWS, GitHub, Generic Keys) in tracked files.
- Risky Files Audit: Search for prohibited extensions (.exe, .p12, .key) and giant files (>50MB).
- Dependency Check: Run uv pip check to verify Python environment consistency.
- Reporting: Generate JSON/Markdown output with PASS/FAIL status for each check.
Outputs
- Console: Colored log with immediate result.
- Report: List of violated files (if FAIL).
Fail-Fast
- If Confirmed Secrets (High Confidence) are found, the audit FAILS and requires manual intervention.
Suggested Commands
uv run .agent/skills/security_audit/scripts/audit_runner.py
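The Secret Scanning, Risky Files Audit, Reporting and Fail-Fast steps above, as an added example; this is not the repository's audit_runner.py. The regex rules, their confidence levels, the audit() function and the overall status are assumptions; it walks the directory instead of listing tracked files and leaves out the uv pip check step.

```python
import json
import os
import re
import tempfile

# Assumed rules and confidence levels; the skill's real rule set is not shown on the page.
SECRET_PATTERNS = {
    "aws_access_key_id": (re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"), "high"),
    "github_token": (re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"), "high"),
    "generic_key": (re.compile(r"(?i)\b(?:api_?key|secret|token)\b\s*[:=]\s*['\"][^'\"\s]{16,}['\"]"), "low"),
}
RISKY_EXTENSIONS = {".exe", ".p12", ".key"}
MAX_BYTES = 50 * 1024 * 1024  # "giant files (>50MB)"
DEFAULT_EXCLUDES = {".git", ".venv", "node_modules"}

def audit(target=".", excludes=DEFAULT_EXCLUDES, max_bytes=MAX_BYTES):
    """Return a per-check PASS/FAIL report for the directory `target`."""
    secrets, risky = [], []
    for root, dirs, files in os.walk(target):
        dirs[:] = [d for d in dirs if d not in excludes]  # prune excluded folders in place
        for name in files:
            path = os.path.join(root, name)
            if os.path.islink(path):
                continue  # do not follow links out of the target tree
            rel = os.path.relpath(path, target)
            ext = os.path.splitext(name)[1].lower()
            too_big = os.path.getsize(path) > max_bytes
            if ext in RISKY_EXTENSIONS or too_big:
                risky.append({"file": rel, "reason": "size" if too_big else "extension"})
                continue  # flagged files are reported, not read
            with open(path, "r", encoding="utf-8", errors="ignore") as fh:
                for lineno, line in enumerate(fh, 1):
                    for rule, (rx, conf) in SECRET_PATTERNS.items():
                        if rx.search(line):
                            # Record location and rule only, never the matched value.
                            secrets.append({"file": rel, "line": lineno, "rule": rule, "confidence": conf})
    confirmed = any(s["confidence"] == "high" for s in secrets)  # fail-fast condition
    return {
        "secret_scanning": {"status": "FAIL" if confirmed else "PASS", "findings": secrets},
        "risky_files": {"status": "FAIL" if risky else "PASS", "findings": risky},
        "overall": "FAIL" if confirmed or risky else "PASS",
    }

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # constructed sample tree
        with open(os.path.join(tmp, "settings.py"), "w") as fh:
            fh.write('aws_key = "AKIAIOSFODNN7EXAMPLE"\n')  # AWS documentation example key
        open(os.path.join(tmp, "server.key"), "w").close()
        print(json.dumps(audit(tmp), indent=2))
```

Low-confidence matches are listed in the findings but do not fail the secret check on their own, which is one reading of the Fail-Fast rule.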
Score
Total Score
75/100
Based on repository quality metrics
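✓ SKILL.md
A SKILL.md file is included
+20
✓ LICENSE
A license is set
+10
✓ Description
Has a description of 100 characters or more
+10
○ Popularity
100 or more GitHub stars
0/15
✓ Recent activity
Updated within the last month
+10
○ Forks
Forked 10 or more times
0/5
✓ Issue management
Fewer than 50 open issues
+5
✓ Language
A programming language is set
+5
✓ Tags
One or more tags are set
+5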
