Code Review Pipeline
Workflow@snippbot/workflow-code-review ORG
Automated code review pipeline: lint, test, security scan, then generate review summary.
Security Audit Sandbox
sandbox_preset@snippbot/sandbox-security-audit ORG
Security auditing environment with Bandit, Semgrep, Trufflehog, Safety, and vulnerability scanners.
Security Scan Hook
hook@snippbot/hook-security-scan ORG
Scan for leaked secrets and known vulnerabilities when files change. Uses trufflehog and safety.
Spec: Technical Specification Generator
@snippbot/workflow-spec ORG
Generate a living technical specification from a feature idea. Defines API contracts, database schemas, user stories with Given/When/Then acceptance criteria, UI hierarchy, security rules, and test requirements.
Audit: Plan vs. Codebase Verification
@snippbot/workflow-audit ORG
Audit a completed implementation plan against the actual codebase. Generates a tailored audit prompt, then verifies planned vs. actual — checking for missing implementations, broken integrations, and security gaps.
Security Analyst Profile
@snippbot/profile-security-analyst ORG
AI assistant configured as an expert security analyst. Threat modeling, vulnerability assessment, OWASP Top 10, SAST/DAST, compliance frameworks, and incident response.
OWASP Security Cheatsheets
@snippbot/owasp-cheatsheets ORG
Collection of OWASP-based security cheatsheets covering SQL injection prevention, XSS prevention, authentication best practices, secure headers, API security, and secrets management.
Security Analyst Suite
@snippbot/suite-security-analyst ORG
Complete Snippbot setup for security analysts. Bundles a security-focused AI persona with threat modeling, CVE lookup, an incident-response workflow, dependency vulnerability alerts, weekly compliance reporting, and an OWASP knowledge base.