Skills
.Work. You
Rest

auditing-pre-release-security

Official

Security audit between two git refs.

Software Engineering#git#workflow#ci/cd#security#dependencies#audit#release
AuthorOneKeyHQ
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Audits security and supply-chain risk between two git refs, comparing code diffs, dependency deltas, lockfile determinism, and CI/CD configurations to surface issues before release. The output is a Chinese Markdown report, with a unique title and filename containing the refs to avoid overwrites.

Core Features & Use Cases

  • Diff-based security checks: Identify potential vulnerabilities in code changes.
  • Dependency delta analysis: Compare direct and transitive dependencies and lockfile determinism.
  • Node_modules behavior review: Inspect newly added packages for risky behavior.
  • CI/CD risk assessment: Scan workflows and build configs for insecure patterns.

Quick Start

Provide BASE_REF and TARGET_REF (e.g., v5.19.0 → release/v5.20.0), then run the audit to generate a Chinese Markdown report or a structured summary.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: auditing-pre-release-security
Download link: https://github.com/OneKeyHQ/app-monorepo/archive/main.zip#auditing-pre-release-security

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.