Review architecture or code for security risks, vulnerabilities, and compliance issues.
The material indicates a prompt-only security review workflow with no required secrets, no declared remote endpoints, and no evident local execution capability, so overall risk is low. The main caveat is supply-chain confidence: it is open-source on GitHub, but has 0 stars and unknown maintenance status.
The material explicitly states that no keys or environment variables are required; it does not request API tokens, account credentials, or other sensitive authentication data, so credential exposure risk is low.
The system flags it as prompt-only and declares no remote endpoint host. The README mentions using tools like `microsoft_docs_search` / `microsoft_docs_fetch` in some scenarios, but this skill material itself does not declare built-in network egress or a fixed external recipient for user data.
Based on the provided material, the skill mainly defines an audit workflow, triggers, and document-reading steps; it does not state that it launches local processes, executes scripts, or invokes privileged system capabilities.
The README explicitly says it reads project materials such as `plan.md`, `spec.md`, `docs/architecture/decisions/*.md`, and code/diffs for security review. This is a normal data-access pattern for such a skill, but it can expose design documents, architectural decisions, and implementation details, so inputs should be limited to the minimum necessary.
Positive evidence includes being open-source on GitHub and flagged as open-source, so the code is in principle auditable. However, there is no declared license, community adoption is 0 stars, and maintenance status is unknown, so supply-chain confidence is limited and the repository contents and update history should be manually reviewed.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "security-review" skill from askskill: 1. Download https://raw.githubusercontent.com/microsoft/devsquad-copilot/main/.github/plugins/devsquad/skills/security-review/SKILL.md 2. Save it as ~/.claude/skills/security-review/SKILL.md 3. Reload skills and tell me it's ready
Please assess this system design in architectural security review mode: users access an API gateway through a web frontend; the backend includes an authentication service, order service, and PostgreSQL database, deployed on Azure and integrated with a third-party payment API. Use STRIDE to analyze key threats, identify high-risk design issues, and provide mitigations. Do not give general code quality feedback.
A structured list of architectural security risks by threat category, with severity and mitigations.
Please review the following API implementation in code security review mode. Focus on authentication and authorization, input validation, sensitive data exposure, dependency risks, and common OWASP vulnerabilities. Identify the code locations that need changes and suggest fixes: [Paste code or pull request details here]
A concrete list of security flaws, affected code areas, risk explanations, and actionable fixes.
Please perform a security reassessment using the following signals: GitHub Security Alerts show two high-severity dependency vulnerabilities, Azure deployment settings allow public storage access, and the project handles personal user data. Determine which issues are most urgent, classify them as implementation or architectural issues, and provide remediation priorities and sequence.
A prioritized issue list that separates architectural actions from implementation-level remediation.
| Principle | Application |
|---|---|
| CIA Triad | Confidentiality, Integrity, Availability in every assessment |
| Defense in Depth | Multiple layers; never rely on a single control |
| Least Privilege | Minimum permissions for each component |
| Secure by Default | Default configurations must be secure |
| Zero Trust | Never trust, always verify |
| Shift Left | Detect issues early in design, not in production |
Determine the operating mode from the calling agent's context:
Architectural Mode (called from plan):
plan agent after ADR creationCode Mode (called from implement or review):
implement agent after implementationThis mode is mandatory when the feature involves:
| Trigger | Description |
|---|---|
| Authentication/Authorization | Access control, identity, permissions |
| Sensitive data | Information requiring protection (credentials, personal data) |
| External integrations | Communication with systems outside the trust boundary |
| Exposed endpoints | Interfaces accessible by users or external systems |
| Data persistence | Storage of information that crosses boundaries |
Read design artifacts:
plan.md - Stack and architecturedocs/architecture/decisions/*.md - ADRsspec.md - Requirements and user storiesIdentify attack surface:
## Attack Surface
| Component | Exposure | Data | Initial Risk |
|-----------|----------|------|--------------|
| [endpoint] | [public/internal] | [data type] | [low/medium/high] |
Map trust boundaries:
Apply STRIDE (simplified):
| Threat | Question | Typical Control |
|---|---|---|
| Spoofing | Can someone impersonate another? | Strong authentication |
| Tampering | Can data be altered? | Integrity, signatures |
| Repudiation | Can actions be denied? | Logging, audit trail |
| Info Disclosure | Can data leak? | Encryption, ACLs |
| Denial of Service | Can the system be taken down? | Rate limiting, quotas |
| Elevation | Can privileges be escalated? | Least privilege, RBAC |
Evaluate ADRs:
microsoft_docs_search to check security best practices and known service vulnerabilitiesmicrosoft_docs_fetch to get the complete security hardening guide when a relevant gap is identifiedValidate Azure compliance:
azure/policy tool to verify whether the proposed infrastructure complies with the organization's policiesazure/role tool to verify whether the access model follows least privilege (RBAC)azure/wellarchitectedframework tool for each Azure service in the architecture to get the security pillar guidanceGenerate report:
# Security Review - [Feature]
**Mode**: Architectural
**Date**: [date]
**Reviewer**: Copilot Security Agent
## Executive Summary
**Verdict**: [APPROVED | APPROVED_WITH_CONTROLS | BLOCKED]
[Summary in 2-3 sentences of the overall risk and main concerns]
## Attack Surface
[Components table]
## STRIDE Analysis
…
Design and review software architecture diagrams for clearer, documentation-friendly visuals.
Create, switch, and verify Git branches before starting implementation work.
Initialize projects or verify and generate up-to-date SDD documentation templates.
Verify and create standard community and governance files for new projects.
Verify assignee, dependencies, priority, and capacity before starting a work item.
Systematically triage failures and fix broken builds or unexpected runtime issues.
Review security risks for auth, inputs, secrets, APIs, and sensitive features.
Review code or branches for correctness, compatibility, architecture, tests, performance, and security.
Run an end-to-end Power Pages security review with a consolidated HTML report.
Review code deeply across correctness, tests, security, performance, and product quality.
Analyze a codebase for threats, abuse paths, and mitigations in Markdown.
Review system designs with a seven-step method to surface risks and improvements.