chore(repo): initialize planarchy workspace

.agents/skills/security-audit/SKILL.md

@@ -0,0 +1,135 @@
+---
+name: security-audit
+description: >
+  Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement.
+  Use when: authentication implementation, authorization logic, payment processing, user data handling, API endpoint creation, file upload handling, database queries, external API integration.
+  Skip when: read-only operations on public data, internal development tooling, static documentation, styling changes.
+---
+
+# Security Audit Skill
+
+## Purpose
+Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement.
+
+## When to Trigger
+- authentication implementation
+- authorization logic
+- payment processing
+- user data handling
+- API endpoint creation
+- file upload handling
+- database queries
+- external API integration
+
+## When to Skip
+- read-only operations on public data
+- internal development tooling
+- static documentation
+- styling changes
+
+## Commands
+
+### Full Security Scan
+Run comprehensive security analysis on the codebase
+
+```bash
+npx @claude-flow/cli security scan --depth full
+```
+
+**Example:**
+```bash
+npx @claude-flow/cli security scan --depth full --output security-report.json
+```
+
+### Input Validation Check
+Check for input validation issues
+
+```bash
+npx @claude-flow/cli security scan --check input-validation
+```
+
+**Example:**
+```bash
+npx @claude-flow/cli security scan --check input-validation --path ./src/api
+```
+
+### Path Traversal Check
+Check for path traversal vulnerabilities
+
+```bash
+npx @claude-flow/cli security scan --check path-traversal
+```
+
+### SQL Injection Check
+Check for SQL injection vulnerabilities
+
+```bash
+npx @claude-flow/cli security scan --check sql-injection
+```
+
+### XSS Check
+Check for cross-site scripting vulnerabilities
+
+```bash
+npx @claude-flow/cli security scan --check xss
+```
+
+### CVE Scan
+Scan dependencies for known CVEs
+
+```bash
+npx @claude-flow/cli security cve --scan
+```
+
+**Example:**
+```bash
+npx @claude-flow/cli security cve --scan --severity high
+```
+
+### Security Audit Report
+Generate full security audit report
+
+```bash
+npx @claude-flow/cli security audit --report
+```
+
+**Example:**
+```bash
+npx @claude-flow/cli security audit --report --format markdown --output SECURITY.md
+```
+
+### Threat Modeling
+Run threat modeling analysis
+
+```bash
+npx @claude-flow/cli security threats --analyze
+```
+
+### Validate Secrets
+Check for hardcoded secrets
+
+```bash
+npx @claude-flow/cli security validate --check secrets
+```
+
+
+## Scripts
+
+| Script | Path | Description |
+|--------|------|-------------|
+| `security-scan` | `.agents/scripts/security-scan.sh` | Run full security scan pipeline |
+| `cve-remediate` | `.agents/scripts/cve-remediate.sh` | Auto-remediate known CVEs |
+
+
+## References
+
+| Document | Path | Description |
+|----------|------|-------------|
+| `Security Checklist` | `docs/security-checklist.md` | Security review checklist |
+| `OWASP Guide` | `docs/owasp-top10.md` | OWASP Top 10 mitigation guide |
+
+## Best Practices
+1. Check memory for existing patterns before starting
+2. Use hierarchical topology for coordination
+3. Store successful patterns after completion
+4. Document any new learnings