Claude Skill
raroque/vibe-security-skill
Vibe Security Skill audits vibe-coded apps for common security vulnerabilities introduced by AI coding assistants. Detect and fix issues in AI-generated code.
Overview
Repository
Install this Skill
npx skills add https://github.com/raroque/vibe-security-skill --skill vibe-securityRegistry
Summary
Vibe Security Skill is an agent skill that audits vibe-coded applications for common security vulnerabilities introduced by AI coding assistants. It helps developers identify and fix security issues in AI-generated code.
审核由AI编码助手开发的应用程序中常见安全漏洞的代理技能(Claude Skill)
Key features
- Audits vibe-coded apps for security vulnerabilities
- Detects issues introduced by AI coding assistants
- Provides actionable security recommendations
- Integrates with development workflows
Use cases
- Security review of AI-generated code
- Pre-deployment vulnerability scanning
- CI/CD pipeline security checks
README excerpt
<p align="center"> <img src="https://img.shields.io/badge/security-vibe--coded%20apps-DC2626.svg" alt="Security for vibe-coded apps" /> <img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="MIT License" /> <a href="https://twitter.com/raroque"> <img src="https://img.shields.io/badge/Contact-@raroque-95a5a6.svg?style=flat" alt="Twitter: @raroque" /> </a> </p> <h1 align="center">Vibe Security - Agent Skill for AI Coding Assistants</h1> An agent skill that helps secure vibe-coded apps - or honestly any app - from common security vulnerability patterns. Built by [Chris Raroque](https://www.youtube.com/@raroque) ([@raroque](https://twitter.com/raroque)) in collaboration with my colleagues at [Aloa](https://aloa.co). AI assistants are great at building features fast but consistently get security wrong: hardcoding secrets, skipping row-level security, trusting client-submitted prices, storing tokens in localStorage. This skill catches those patterns before they ship. **Need help building AI apps, custom agents, or implementing AI at your company?** Work with Chris and the team at [Aloa](https://aloa.co). ## Background This skill was built specifically to address the security issues that keep showing up in vibe-coded applications. When you're building fast with AI, security fundamentals get skipped - and the AI assistants themselves are often the ones introducing the vulnerabilities. This skill gives your agent the knowledge to catch and prevent those patterns. It uses the [Agent Skills](https://agentskills.io/home) format, so it works with Claude Code, OpenAI Codex, and other compatible agents. The security rules are organized as reference files that the agent loads based on what technologies your project uses. If you're using Supaba
Topics
No topics yet.