Security Audit Pipeline

Developer Official v1.0.13

Scan code for vulnerabilities, categorise findings by OWASP type, prioritise by severity, and produce a remediation roadmap

by skrptiq

security audit owasp vulnerability code-review
workflow · Updated 11 May 2026 · 20 nodes · 1 download

What's included 20 nodes
1 workflow · 8 skills · 8 prompts · 1 service · 1 source · 1 asset
workflow (1)

Security Audit Pipeline

Orchestrates a full security audit: scan for vulnerabilities, categorise by OWASP type, assess severity, plan remediation, and produce an executive report

skills (8)

Brief Compliance Check

Checks output against its stated brief — required sections, constraints, and missing deliverables

Consistency Check

Checks naming, terminology, tense, voice, style, and internal coherence across a document

Executive Reporting

Produces an executive summary and detailed technical findings report for separate audiences

Finding Categorisation

Groups scan findings by OWASP Top 10 category for structured analysis and reporting

Language Polish

Spelling, grammar, punctuation, sentence clarity, and minor wording cleanup

Remediation Planning

Generates specific fix recommendations per finding with code examples, effort estimates, and dependency mapping

Severity Assessment

Rates each finding by severity using CVSS-like criteria: exploitability, impact, and affected scope

Vulnerability Scanning

Scans codebase for security vulnerabilities including injection flaws, authentication issues, exposed secrets, and insecure configurations

prompts (8)

Assess Severity

Rates each categorised finding by severity using structured exploitability, impact, and scope criteria

Categorise Findings

Groups raw scan findings into OWASP Top 10 categories for structured analysis

Check Brief Compliance

Verifies output meets all requirements from the original brief

Check Consistency

Checks naming, terminology, tense, voice, and internal coherence across a document

Plan Remediation

Generates specific fix recommendations with code examples, effort estimates, and dependency mapping

Polish Language

Corrects spelling, grammar, punctuation, and improves sentence clarity

Scan Vulnerabilities

Instructs the LLM to perform a comprehensive vulnerability scan of the target codebase

Write Executive Report

Produces a two-part audit report: executive summary for leadership and detailed technical findings for engineers

service (1)

LLM Service

Language model service for analysis, synthesis, and document generation

source (1)

OWASP Top 10 Reference

Reference card listing the OWASP Top 10 2021 categories with descriptions and common examples

asset (1)

Security Finding Template

Structured template for documenting individual security findings consistently across the audit

Requirements 1 service, 2 permissions, 3 data types
Services
  • LLM Service
Permissions
  • filesystem:read
  • shell:execute
Data Handling
  • source code
  • pii
  • credentials
Security Passed
All checks passed v1.0.13 · scanner v2.8.0

Detected

  • Services:
  • Permissions: shell:execute
  • Data Handling: pii
Version history 5 releases
v1.0.13 latest 11 May 2026

Automated release v1.0.13

v1.0.12 27 April 2026

Automated release v1.0.12

v1.0.11 25 April 2026

Automated release v1.0.11

v1.0.10 16 April 2026

Automated release v1.0.10

v1.0.8 13 April 2026

Automated release v1.0.8
