Claude Skill

raroque/vibe-security-skill

Vibe Security Skill 审计由AI编码助手开发的应用程序中的常见安全漏洞,帮助检测并修复AI生成代码中的安全问题。

概览

Stars826
Forks105
语言未知
最后更新2026-03-15
最近同步2026-07-03
前往 GitHub

仓库信息

拥有者raroque
仓库vibe-security-skill
完整名称raroque/vibe-security-skill
Repo ID1,182,204,200

安装这个 Skill

npx skills add https://github.com/raroque/vibe-security-skill --skill vibe-security

Registry 信息

类型codex_skill
质量分70/100
验证状态readme_parsed
最近验证2026-06-06
平台
ClaudeCodex
能力
memoryterminal
识别文件
README.md

项目简介

Vibe Security Skill 是一款代理技能,用于审计由AI编码助手开发的应用程序中常见的安全漏洞,帮助开发者识别并修复AI生成代码中的安全问题。

英文描述

Agent skill that audits vibe-coded apps for common security vulnerabilities introduced by AI coding assistants

要点

  • 审计由AI编码助手开发的应用程序中的安全漏洞
  • 检测AI编码助手引入的安全问题
  • 提供可操作的安全建议
  • 集成到开发工作流中

使用场景

  • AI生成代码的安全审查
  • 部署前的漏洞扫描
  • CI/CD流水线安全检查

README 摘要

<p align="center"> <img src="https://img.shields.io/badge/security-vibe--coded%20apps-DC2626.svg" alt="Security for vibe-coded apps" /> <img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="MIT License" /> <a href="https://twitter.com/raroque"> <img src="https://img.shields.io/badge/Contact-@raroque-95a5a6.svg?style=flat" alt="Twitter: @raroque" /> </a> </p> <h1 align="center">Vibe Security - Agent Skill for AI Coding Assistants</h1> An agent skill that helps secure vibe-coded apps - or honestly any app - from common security vulnerability patterns. Built by [Chris Raroque](https://www.youtube.com/@raroque) ([@raroque](https://twitter.com/raroque)) in collaboration with my colleagues at [Aloa](https://aloa.co). AI assistants are great at building features fast but consistently get security wrong: hardcoding secrets, skipping row-level security, trusting client-submitted prices, storing tokens in localStorage. This skill catches those patterns before they ship. **Need help building AI apps, custom agents, or implementing AI at your company?** Work with Chris and the team at [Aloa](https://aloa.co). ## Background This skill was built specifically to address the security issues that keep showing up in vibe-coded applications. When you're building fast with AI, security fundamentals get skipped - and the AI assistants themselves are often the ones introducing the vulnerabilities. This skill gives your agent the knowledge to catch and prevent those patterns. It uses the [Agent Skills](https://agentskills.io/home) format, so it works with Claude Code, OpenAI Codex, and other compatible agents. The security rules are organized as reference files that the agent loads based on what technologies your project uses. If you're using Supaba

话题

暂无话题

探索更多

数据来自 GitHub,同步时间:2026-07-03