lcbp3/.windsurf/workflows/12-speckit.security-audit.md
admin a57fef4d44
690427:0812 Update Infras #01
2026-04-27 08:12:28 +07:00


auto_execution_mode: 0
description: Perform a security-focused audit of the codebase against OWASP Top 10, CASL authorization, and LCBP3-DMS security requirements.

Workflow: speckit.security-audit

  1. Context Analysis:

    • The user may pass a scope hint: backend, frontend, both, or specific module paths (defaults to both).
  2. Load Skill:

    • Use the view_file tool to read the skill file at: .agents/skills/speckit-security-audit/SKILL.md
    • Also load .agents/skills/_LCBP3-CONTEXT.md for project-specific rules.
  3. Execute:

    • Follow the instructions in the SKILL.md exactly.
    • This is READ-ONLY — never modify code during the audit.
    • Output a structured report with Critical / High / Medium / Low severity.
  4. On Error:

    • If scope unclear: Default to both (backend + frontend)
    • If specs/06-Decision-Records/ADR-016-security-authentication.md missing: Warn and proceed with OWASP Top 10 + CASL checks only