security-review-spec

Audits tech specs for security concerns, merging findings into a cohesive review for enhanced security oversight.

Install this skill

85/100

Security score

The security-review-spec skill was audited on May 19, 2026 and we found 3 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

medium line 37

Webhook reference - potential data exfiltration

SourceSKILL.md

37	- New external inputs, endpoints, webhooks, CLI surfaces, or file formats that are introduced without describing who can reach them and under what trust assumptions.

medium line 61

Webhook reference - potential data exfiltration

SourceSKILL.md

61	- Features that can be triggered by external events (webhooks, comments, scheduled jobs) without describing rate limiting, deduplication, or cost controls.

medium line 96

Webhook reference - potential data exfiltration

SourceSKILL.md

96	- `⚠️ [IMPORTANT] [SECURITY] Authentication model for new webhook is unspecified: ...`

Scanned on May 19, 2026

View Security Dashboard

Installation guide →

GitHub Stars 212

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

frontend design docx git api security-engineer backend-developer devops-sre github development

warpdotdev/oz-for-oss