A unified LLM-agent skill for code review covering security (CWE) and privacy (GDPR) via a detector-validator methodology.
secpriv-skill is easy to set up with strong trust signals. Check agent compatibility and use-case fit before adding it to your workflow.
npx skills add facebookresearch/secpriv-skill
Run the command in your terminal.
Confirm that the skill files were added to your agent workspace.
Check the README requirements before invoking the skill in your agent.
This skill helps LLM agents review code for both security vulnerabilities and privacy violations in one pass. It uses a two-step method: first detect potential issues, then validate them to reduce false positives. It comes with a benchmark of 128 test cases.
SecPriv is a unified LLM-agent skill for code review that covers both security weaknesses (CWE-mapped) and privacy violations (GDPR-mapped) through one methodology with a detector-validator decomposition. The artifact under test is SKILL.md, a system prompt defining the review methodology. The repository includes a 128-case benchmark across 30 canonical categories (20 security, 10 privacy) with a held-out true-negative subset, and an evaluation harness. The skill achieves F1=0.79 on the benchmark, significantly outperforming two-skill and no-skill baselines. It is designed to reduce false positives by sharing structural mechanisms between security and privacy review, such as data flow tracing and transformation awareness.
Strong trust signals; still review the README and permissions before production use.
Last commit was about 0 days ago.
5 GitHub stars indicate community interest.
0 open issues signal maintenance load.
MIT license detected.
Automated code review for security vulnerabilities in pull requests
Privacy compliance checking (GDPR) during code development
Training LLM agents to perform structured security and privacy reviews
Benchmarking and comparing different LLM code review approaches
Integrating into CI/CD pipelines for continuous security and privacy assessment
Agent skills can change coding-agent behavior; review every SKILL.md and referenced script before installing.
Check shell, network, file-system, credential, and API-key requirements before running skill workflows.
Stars: 5
Forks: 0
Issues: 0
License: MIT
A public repository of example skills for Claude, demonstrating how to create reusable instructions and resources for specialized tasks.
Adversarial AI bug hunter with auto-fix skill for Claude Code, Cursor, Codex CLI, GitHub Copilot CLI, Kiro CLI, Opencode, Pi Coding Agent, and more. Multi-agent pipeline finds security vulnerabilities, logic errors, and runtime bugs — then fixes them autonomously on a safe branch.
2 security/trust notes recorded.
Setup difficulty is 2/5.
Browser automation CLI built for AI agents — breaks anti-bot walls, supports multi-session parallel execution.