np-dms/lcbp3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5537d20152de488fa38e4d623e97d1c26ff37376
lcbp3/.agents/workflows/112-speckit.security-audit.md
T
admin 5537d20152
CI / CD Pipeline / build (push) Failing after 10m44s
Details
CI / CD Pipeline / deploy (push) Has been skipped
Details
690513:0920 Refactor Workflow module: Lint error #01
2026-05-13 09:20:49 +07:00

981 B
Raw Blame History

auto_execution_mode, description
auto_execution_mode description
0 Perform a security-focused audit of the codebase against OWASP Top 10, CASL authorization, and LCBP3-DMS security requirements.

Workflow: speckit.security-audit

  1. Context Analysis:

    • The user may pass a scope hint: backend, frontend, both, or specific module paths (defaults to both).

  2. Load Skill:

    • Use the view_file tool to read the skill file at: .agents/skills/speckit-security-audit/SKILL.md
    • Also load .agents/skills/_LCBP3-CONTEXT.md for project-specific rules.

  3. Execute:

    • Follow the instructions in the SKILL.md exactly.
    • This is READ-ONLY — never modify code during the audit.
    • Output a structured report with Critical / High / Medium / Low severity.

  4. On Error:

    • If scope unclear: Default to both (backend + frontend)
    • If specs/06-Decision-Records/ADR-016-security-authentication.md missing: Warn and proceed with OWASP Top 10 + CASL checks only
Reference in New Issue View Git Blame Copy Permalink