Commit Graph

3 Commits

Author SHA1 Message Date
Garry Tan 65ca7adfd4 feat: zero-noise /cso security audits with FP filtering (v0.11.0.0)
Absorb Anthropic's security-review false positive filtering into /cso:
- 17 hard exclusions (DOS, test files, log spoofing, SSRF path-only,
  regex injection, race conditions unless concrete, etc.)
- 9 precedents (React XSS-safe, env vars trusted, client-side code
  doesn't need auth, shell scripts need concrete untrusted input path)
- 8/10 confidence gate — below threshold = don't report
- Independent sub-agent verification for each finding
- Exploit scenario requirement per finding
- Framework-aware analysis (Rails CSRF, React escaping, Angular sanitization)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 10:48:11 -07:00
Garry Tan 24b7e11050 Merge PR #155: add /cso skill — OWASP Top 10 + STRIDE security audit
# Conflicts:
#	scripts/gen-skill-docs.ts
#	scripts/skill-check.ts
#	test/gen-skill-docs.test.ts
#	test/skill-validation.test.ts
2026-03-22 09:57:09 -07:00
Arun Kumar Thiagarajan dba128f824 feat: add /cso skill — OWASP Top 10 + STRIDE security audit
2026-03-18 10:50:26 +05:30