Production security review and hardening for Codex, AI-generated codebases, and vibe-coded applications.
Secure is a Codex skill that reviews whole projects by capability, data flow, and broken invariants instead of filename assumptions. It is built for modern app teams shipping AI-assisted and vibe-coded applications where generated code, fast iteration, and hidden production paths can create real security risk. It scans large repositories compactly, confirms real risks from source, fixes confirmed issues when asked, verifies the result, and reports coverage without claiming a project is magically "100% secure".
Most AI security reviews miss the dangerous parts of real codebases:
- trusted request headers that create admin sessions;
- authentication mistaken for authorization;
- tenant and owner checks only applied to list pages;
- mass assignment into policy fields;
- public routes with harmless names like
preview,helper,asset, orsafe; - fail-open Redis, cache, webhook, payment, AI, PDF, and storage flows;
- findings lists that never say what was actually verified.
Secure is built to catch those misses.
skills/secure/ The canonical skill: SKILL.md, references, scanners, and UI metadata
site/ Astro documentation site and case library
benchmark/ Original 21-case intentionally vulnerable Node.js baseline
evaluation/ Multi-language vulnerable/safe fixtures, held-out verifiers, and scoring
The skill uses the standard Skills CLI discovery layout:
skills/secure/SKILL.md
One canonical skill avoids fragmented installs and keeps behavior synchronized. The alias decision records the discovery evidence.
Secure routes natural language to concrete workflows:
review: read-only production/security review.diff-review: read-only review of a PR, commit, branch, or working-tree change.audit: broader production-readiness assessment.threat-model: map actors, assets, trust boundaries, sinks, and controls.fix: repair validated findings after explicit authorization.verify: focused tests, rescan, coverage, and residual-risk reporting.
Users do not need to know these commands. Requests like "review this project before commit" and "make it production ready" are enough.
The product and installable skill name is secure.
Use natural language, or call a command directly when you want a specific workflow.
| Command | What it does |
|---|---|
review [path] |
Read-only repository or scoped-path security review. |
diff-review [change] |
Read-only review of a PR, commit, branch, staged change, or working tree. |
audit [path] |
Broader production-readiness security assessment. |
threat-model [feature] |
Actors, assets, trust boundaries, abuse cases, and required controls. |
fix [finding or path] |
Repair validated findings only after explicit authorization. |
verify [finding or fix] |
Focused tests, rescan, coverage, and residual-risk reporting. |
Usage examples:
Use secure. Review this project before commit:
C:\path\to\project
Use secure. Audit this app before production:
C:\path\to\project
Use secure. Fix all validated Critical and High findings:
C:\path\to\project
Use secure. Threat-model the upload and signed URL flow.
Use secure. Verify the authorization fixes and report residual risk.
The normative contract is
skills/secure/references/operating-contract.md,
with a versioned JSON form in
review-contract.json.
The included fixture covers 21 review invariants:
- Authentication Trust
- Authorization Dominance
- Tenant Boundary
- Owner Scope
- Mass Assignment
- State Transition Invariants
- Route Exposure
- Side Effect Reachability
- Fail-open Behavior
- Visibility Rules
- Secrets and Unsafe Examples
- CORS and CSRF
- Rate Limits and Abuse Cost
- Malformed Input
- Logging and Error Leakage
- Upload and Storage Boundaries
- Signed URL Scope
- AI, PDF, and Document Processing
- Payments and Finance
- Webhook Authenticity
- Naming Bias
This fixture is a structural coverage contract, not a current model-efficacy score. Only three cases include exploit smoke tests; the remaining cases are validated as seeded source conditions.
The v2 evaluation adds safe negative controls, five language pairs, raw
transcripts, repeated TypeScript trials, and fix verification. Its fixtures,
leakage controls, commands, scoring rules, and generated report live in
evaluation/. See the generated
evaluation/REPORT.md for the versioned results and
their limits.
List and install the canonical skill from the Skills CLI:
npx skills add usesecure/secure-skill --list
npx skills add usesecure/secure-skill --skill secureCheck the four target discovery phrases:
npx skills find "security review"
npx skills find "secure code review"
npx skills find "appsec hardening"
npx skills find "vibe security"Registry indexing can lag a repository push. The
docs/DISTRIBUTION.md matrix distinguishes strict
remote installation from the non-blocking visibility probe.
Copy the skill folder into your Codex skills directory:
Copy-Item -Recurse .\skills\secure "$env:USERPROFILE\.codex\skills\secure"Then start a new Codex chat and use:
Use secure. Review this project before commit, focused on production and security issues:
C:\path\to\project
For hardening:
Use secure. Make this project production ready. Fix confirmed Critical and High findings, verify, rescan, and report fix coverage:
C:\path\to\project
Benchmark fixture:
cd benchmark
npm testComplete repository validation from a clean checkout:
npm run validate:allThis installs the pinned root and site dependencies, validates every skill and metadata file, compiles the scanners, runs the benchmark, smoke-installs every skill in isolation, builds the site, and checks the generated Pages links and assets.
Vercel:
vercelThis repository includes vercel.json, so Vercel can deploy from the repository
root while building the Astro site in site/ and publishing site/dist. On
GitHub Pages the site is built under /secure-skill/; on Vercel it is built at /.
Set PUBLIC_SITE_URL in Vercel if you want canonical URLs to use a custom
domain.
Focused checks, from this repository root after dependencies are installed:
npm run check:repo
npm run check:scripts
npm run check:install
npm run check:distribution
npm run check:registry
npm run build:site && npm run check:sitecheck:distribution compares a clean install from the public repository with
the current checkout. Run it after the commit under test has been pushed.
check:registry reports external indexing without failing normal CI.
- evidence over generic best practices;
- source-confirmed findings over keyword matches;
- capability review over filename assumptions;
- scoped fix coverage over false confidence;
- token-efficient inspection for large projects;
- multi-language invariants instead of framework-specific tunnel vision.
MIT.