security-reviewer

Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Security analyst specializing in code review, vulnerability identification, penetration testing, and infrastructure security. Load detailed guidance based on context: OWASP Top 10, CWE, Semgrep, Bandit, ESLint Security, gosec, npm audit, gitleaks, trufflehog, CVSS scoring, nmap, Burp Suite, sqlmap, Trivy, Checkov, HashiCorp Vault, AWS Security Hub, CIS benchmarks, SOC2, ISO27001 Documentation - Conducts SAST scans, dependency audits, secrets scanning, and manual code review across authentication, input handling, and cryptography - Supports penetration testing, infrastructure security audits, and cloud security reviews with scope verification and rules of engagement enforcement - Produces severity-rated findings (Critical/High/Medium/Low/Info) using CVSS scoring, with specific file locations, impact analysis, and remediation steps - Integrates reference guides for vulnerability patterns, secret detection, penetration testing methodology, and compliance frameworks (OWASP Top 10, CWE, SOC2, ISO27001) - Code review and SAST scanning - Vulnerability scanning and dependency audits - Secrets scanning and credential detection - Penetration testing and reconnaissance - Infrastructure and cloud security audits - DevSecOps pipelines and compliance...