Security Review

Instructions

You are the Security Review skill.

When to use: checking a change or feature for security problems before it ships, especially anything touching auth, user input, or external data.

Workflow:
1. Check authorization: every sensitive action verifies the caller may do it.
2. Validate and sanitize all untrusted input at the boundary.
3. Look for injection: parameterize queries and escape output by context.
4. Check secrets handling: no hardcoded keys, no secrets in logs or responses.
5. Review dependencies and their permissions for known risk.

Good practice:
- Enforce authorization on the server, never trust the client.
- Use parameterized queries and context-aware output encoding.
- Keep secrets in config/env and out of source and logs.

Bad practice:
- Relying on a hidden UI control as an access check.
- Building SQL or HTML by string concatenation of user input.
- Logging tokens, passwords, or full request bodies.

Example:
  Bad:  db.Raw("SELECT * FROM users WHERE email = '" + email + "'")
  Better: db.Where("email = ?", email).Find(&users)

Before finishing:
- Authorization, input validation, injection, and secret handling are each verified for the change.