LibraryProcess JSON
Structured · live · lib-process:security-compliance--codebase-security-audit
codebase-security-audit json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "lib-process:security-compliance--codebase-security-audit",
"_kind": "LibraryProcess",
"_file": "generated-library/processes.yaml",
"_cluster": "generated-library",
"attributes": {
"displayName": "codebase-security-audit",
"description": "Comprehensive Codebase Security Audit - Multi-domain static security assessment with\nparallel scan agents covering OWASP Top 10, suspicious code patterns, secrets & credentials,\ndependency vulnerabilities, cloud/infrastructure security, frontend client-side security, and\nAI/LLM integration security. Produces a self-contained HTML report with executive summary,\nseverity-filtered findings, and prioritized remediation recommendations. Designed for white-box\naudits of full-stack web applications with optional AI/MCP components.",
"libraryPath": "library/specializations/security-compliance/codebase-security-audit.js",
"specialization": "security-compliance",
"references": [
"- OWASP Top 10 (2021): https://owasp.org/www-project-top-ten/\n- OWASP Testing Guide: https://owasp.org/www-project-web-security-testing-guide/\n- OWASP LLM Top 10: https://owasp.org/www-project-top-10-for-large-language-model-applications/\n- CWE Top 25: https://cwe.mitre.org/top25/archive/2023/2023_top25_list.html\n- NIST SP 800-53: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final"
],
"example": "const result = await orchestrate('specializations/security-compliance/codebase-security-audit', {\n projectName: 'My Finance App',\n projectRoot: '/path/to/project',\n reportOutputPath: '/path/to/project/reports/security-audit-report.html',\n techStack: {\n frontend: 'React 19, Tailwind CSS',\n backend: 'Google Cloud Functions (Node.js)',\n database: 'Firestore',\n auth: 'Firebase Auth',\n ai: 'Gemini 2.0 Flash via LangChain, MCP tools',\n cicd: 'GitHub Actions',\n hosting: 'Firebase Hosting'\n },\n auditDomains: ['recon', 'owasp', 'patterns', 'secrets', 'dependencies', 'cloud', 'frontend', 'ai'],\n knownComponents: [\n 'React SPA (src/)',\n 'Cloud Functions (cloud_functions/)',\n 'Firestore database',\n 'Firebase Auth',\n 'MCP server integration',\n 'GitHub Actions CI/CD (.github/workflows/)'\n ]\n});\n@example\n// Minimal invocation — auto-detect domains, only projectRoot required\nconst result = await orchestrate('specializations/security-compliance/codebase-security-audit', {\n projectRoot: '/path/to/api'\n});\n@example\n// Backend-only audit — skip frontend and AI domains\nconst result = await orchestrate('specializations/security-compliance/codebase-security-audit', {\n projectName: 'API Backend',\n projectRoot: '/path/to/api',\n auditDomains: ['recon', 'owasp', 'secrets', 'dependencies'],\n techStack: { backend: 'Express.js', database: 'PostgreSQL', auth: 'JWT' }\n});",
"usesAgents": [
"general-purpose"
]
},
"outgoingEdges": [
{
"from": "lib-process:security-compliance--codebase-security-audit",
"to": "domain:security",
"kind": "lib_applies_to_domain",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--codebase-security-audit",
"to": "role:security-engineer",
"kind": "lib_involves_role",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--codebase-security-audit",
"to": "workflow:vulnerability-management",
"kind": "lib_implements_workflow",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--codebase-security-audit",
"to": "specialization:security-compliance",
"kind": "lib_belongs_to_specialization",
"attributes": {
"weight": 0.9
}
}
],
"incomingEdges": []
}