Reference · livelib-process:security-compliance--codebase-security-audit
codebase-security-audit overview
Comprehensive Codebase Security Audit - Multi-domain static security assessment with parallel scan agents covering OWASP Top 10, suspicious code patterns, secrets & credentials, dependency vulnerabilities, cloud/infrastructure security, frontend client-side security, and AI/LLM integration security. Produces a self-contained HTML report with executive summary, severity-filtered findings, and prioritized remediation recommendations. Designed for white-box audits of full-stack web applications with optional AI/MCP components.
Attributes
displayName
codebase-security-audit
description
Comprehensive Codebase Security Audit - Multi-domain static security assessment with parallel scan agents covering OWASP Top 10, suspicious code patterns, secrets & credentials, dependency vulnerabilities, cloud/infrastructure security, frontend client-side security, and AI/LLM integration security. Produces a self-contained HTML report with executive summary, severity-filtered findings, and prioritized remediation recommendations. Designed for white-box audits of full-stack web applications with optional AI/MCP components.
libraryPath
library/specializations/security-compliance/codebase-security-audit.js
specialization
security-compliance
references
- OWASP Top 10 (2021): https://owasp.org/www-project-top-ten/
- OWASP Testing Guide: https://owasp.org/www-project-web-security-testing-guide/
- OWASP LLM Top 10: https://owasp.org/www-project-top-10-for-large-language-model-applications/
- CWE Top 25: https://cwe.mitre.org/top25/archive/2023/2023_top25_list.html
- NIST SP 800-53: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
example
// Full audit: all domains listed explicitly, with tech stack and known components
const result = await orchestrate('specializations/security-compliance/codebase-security-audit', {
  projectName: 'My Finance App',
  projectRoot: '/path/to/project',
  reportOutputPath: '/path/to/project/reports/security-audit-report.html',
  techStack: {
    frontend: 'React 19, Tailwind CSS',
    backend: 'Google Cloud Functions (Node.js)',
    database: 'Firestore',
    auth: 'Firebase Auth',
    ai: 'Gemini 2.0 Flash via LangChain, MCP tools',
    cicd: 'GitHub Actions',
    hosting: 'Firebase Hosting'
  },
  auditDomains: ['recon', 'owasp', 'patterns', 'secrets', 'dependencies', 'cloud', 'frontend', 'ai'],
  knownComponents: [
    'React SPA (src/)',
    'Cloud Functions (cloud_functions/)',
    'Firestore database',
    'Firebase Auth',
    'MCP server integration',
    'GitHub Actions CI/CD (.github/workflows/)'
  ]
});

@example
// Minimal invocation — auto-detect domains, only projectRoot required
const result = await orchestrate('specializations/security-compliance/codebase-security-audit', {
  projectRoot: '/path/to/api'
});

@example
// Backend-only audit — skip frontend and AI domains
const result = await orchestrate('specializations/security-compliance/codebase-security-audit', {
  projectName: 'API Backend',
  projectRoot: '/path/to/api',
  auditDomains: ['recon', 'owasp', 'secrets', 'dependencies'],
  techStack: { backend: 'Express.js', database: 'PostgreSQL', auth: 'JWT' }
});
usesAgents
- general-purpose
Outgoing edges
lib_applies_to_domain1
- domain:security (Domain: Security)
lib_belongs_to_specialization1
- specialization:security-compliance (Specialization)
lib_implements_workflow1
- workflow:vulnerability-management (Workflow)
lib_involves_role1
- role:security-engineer (Role: Security Engineer)
Incoming edges
None.