Full security audit — secrets, dependencies, IAM, auth, injection, XSS, HTTPS, rate limiting, public storage. Use when asked for "security audit", "check for vulnerabilities", "security review", or "are we secure".
Add the marketplace (inside Claude Code):
/plugin marketplace add tonone-ai/tononeInstall the plugin:
/plugin install warden-auditWooYun business logic vulnerability methodology — a security testing knowledge plugin distilled from 22,132 public cases, adding evidence-based references, quantitative statistics, and data-driven prioritization.
Comprehensive security rules for AI coding agents
Spec-driven offensive-security framework: 31 kill-chain skills, executable safety controls, pattern-learning memory, bounded engagement engine, and a SessionStart skill-invocation dispatcher.