Library / Review

Security pass

A targeted security review of sensitive code.

Review security audit correctness Claude Code
The prompt
Audit @<file> for injection, auth, and secret-handling issues. For each finding give the concrete risk, a reproduction path, and a specific fix. Ignore theoretical issues that can't happen given how it's called.

Why it works

Naming the vulnerability classes focuses the audit, and demanding a reproduction path filters out low-value “could theoretically” noise. Every finding comes with a fix you can act on.

Fill in

  • @<file> — the code handling input, auth, or secrets.

Follow-ups

  • “Write a test that would catch the injection finding.”