{"skill":{"slug":"sec-audit-cn","displayName":"Sec Audit Cn","summary":"在中国等地区进行代码安全审计、安全编码与评审时使用：覆盖 OWASP Top 10、鉴权与授权、密钥与配置、CORS/CSP、 输入校验与防注入、XSS/CSRF、依赖漏洞、日志与错误处理；输出分级结论与可执行修复建议。 适用于 Web/API、移动端后端、小程序服务端、涉及个人信息与支付回调的业务。","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":100,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1775619196293,"updatedAt":1775619212058},"latestVersion":{"version":"1.0.0","createdAt":1775619196293,"changelog":"Initial release of sec-audit-cn.\n\n- Provides comprehensive security audit guidance tailored for China and similar regions, covering OWASP Top 10, authentication/authorization, secrets, CORS/CSP, input validation, XSS/CSRF, dependency vulnerabilities, and logging.\n- Includes actionable, prioritized remediation advice suitable for web/API backends, mobile backend, mini-program servers, and business logic involving personal data or payments.\n- Delivers code samples, checklists, and practical recommendations for each OWASP Top 10 category and common security controls.\n- Adjusts for local compliance considerations (Cybersecurity Law, Data Security Law, etc.) and domestic threat models.\n- Outputs structured, implementation-ready audit results.","license":"MIT-0"},"metadata":null,"owner":{"handle":"clawkk","userId":"s170g5yz1q3ksjnn4gz6v24af983h1mh","displayName":"clawkk","image":"https://avatars.githubusercontent.com/u/265748372?v=4"},"moderation":null}