Security Review
Systematic security code review with OWASP references — finds exploitable vulnerabilities, not theoretical warnings.
About this skill
Your AI pair programmer finally learned to read the whole file before panicking. This skill does actual security research — tracing data flows, checking framework protections, and understanding your codebase context — before it flags a single issue. No more "this might theoretically be vulnerable" noise cluttering your reviews.
It covers the full OWASP catalog: injection, XSS, CSRF, SSRF, auth flaws, broken access control, insecure deserialization, cryptography mistakes, and more. It knows that a request to settings.API_URL is not SSRF, because that URL is fixed at deploy time rather than chosen by the attacker, and that Django templates auto-escape by default, so only output passed through |safe, mark_safe() or an {% autoescape off %} block deserves a second look. It won't waste your time on false positives that a generic checker would happily scream about.
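To make the data-flow distinction concrete, here is a small intra-procedural taint check written for this page as an added example. It is not the skill's own implementation; its source list, sink list and the sample views it runs over are all assumptions. It reports an outbound HTTP call only when the URL argument can be traced back to request input, and stays quiet when the URL comes from settings or has been overwritten with a constant before use.

```python
"""Toy SSRF taint check for Django-style views (added example, not the skill's code).

Flags outbound HTTP calls whose URL derives from request input; stays quiet when
the URL comes from settings, which is fixed at deploy time. Source and sink lists
and the sample views are assumptions made for this example.
"""
import ast

# request.<attr> reads an attacker controls (Django/DRF shapes, assumed).
SOURCE_ATTRS = {"GET", "POST", "data", "COOKIES", "headers", "META", "body"}
# Outbound HTTP sinks whose first positional argument is the URL (assumed list).
SINKS = {"requests.get", "requests.post", "requests.put", "requests.patch",
         "requests.delete", "requests.head", "urllib.request.urlopen",
         "httpx.get", "httpx.post"}


def dotted(node):
    """'a.b.c' for an attribute chain rooted at a plain name, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _request_attr(node):
    return (isinstance(node, ast.Attribute) and node.attr in SOURCE_ATTRS
            and isinstance(node.value, ast.Name) and node.value.id == "request")


def is_direct_source(node):
    """request.GET, request.GET['k'] or request.GET.get('k'): wholly attacker-chosen."""
    if _request_attr(node):
        return True
    if isinstance(node, ast.Subscript):
        return _request_attr(node.value)
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        return _request_attr(node.func.value)
    return False


def taint_of(node, tainted):
    """'full' if the expression is attacker input (or a name holding it), 'partial'
    if such input is embedded in a larger expression (f-string, concat, wrapper
    call), None if nothing attacker-controlled is reachable. No sanitizer model."""
    if isinstance(node, ast.Name):
        return tainted.get(node.id)
    if is_direct_source(node):
        return "full"
    for sub in ast.walk(node):
        if isinstance(sub, ast.Name) and sub.id in tainted:
            return "partial"
        if sub is not node and is_direct_source(sub):
            return "partial"
    return None


def stmts_in_order(body):
    """Statements in source order, descending into if/for/while/try blocks."""
    for stmt in body:
        yield stmt
        for field in ("body", "orelse", "finalbody"):
            yield from stmts_in_order(getattr(stmt, field, []))
        for handler in getattr(stmt, "handlers", []):
            yield from stmts_in_order(handler.body)


def own_exprs(stmt):
    """Expressions belonging to this statement itself, not to its nested blocks."""
    for _, value in ast.iter_fields(stmt):
        if isinstance(value, ast.expr):
            yield value
        elif isinstance(value, list):
            yield from (v for v in value if isinstance(v, ast.expr))


def find_ssrf(source):
    """Return [(function, line, 'full'|'partial')] for tainted URL arguments."""
    findings = []
    for fn in ast.walk(ast.parse(source)):
        if not isinstance(fn, ast.FunctionDef):
            continue
        tainted = {}  # local name -> 'full' | 'partial'
        for stmt in stmts_in_order(fn.body):
            for expr in own_exprs(stmt):
                for call in ast.walk(expr):
                    if (isinstance(call, ast.Call) and call.args
                            and dotted(call.func) in SINKS):
                        t = taint_of(call.args[0], tainted)
                        if t:
                            findings.append((fn.name, call.lineno, t))
            # Propagate through simple `name = expr`; a clean reassignment clears it.
            if (isinstance(stmt, ast.Assign) and len(stmt.targets) == 1
                    and isinstance(stmt.targets[0], ast.Name)):
                t = taint_of(stmt.value, tainted)
                if t:
                    tainted[stmt.targets[0].id] = t
                else:
                    tainted.pop(stmt.targets[0].id, None)
    return sorted(findings, key=lambda f: f[1])


# Constructed sample views (not real project code): two findings, two non-findings.
SAMPLE_VIEWS = '''
import requests
from django.conf import settings

def fetch_user_url(request):
    url = request.GET["url"]                     # attacker picks the whole URL
    return requests.get(url).text                # SSRF

def fetch_catalog(request):
    return requests.get(settings.API_URL).json() # fixed at deploy time: not SSRF

def fetch_item(request):
    item = request.GET.get("id", "")
    url = f"{settings.API_URL}/items/{item}"
    if item:
        return requests.get(url, timeout=5).json()  # host fixed, path attacker-influenced
    return {}

def fetch_again(request):
    url = request.POST["url"]
    url = settings.API_URL                       # overwritten with a constant before use
    return requests.get(url).text                # clean
'''

if __name__ == "__main__":
    for fn, line, how in find_ssrf(SAMPLE_VIEWS):
        print(f"{fn}: line {line}: URL argument is {how}ly attacker-controlled")
```

The "partial" grade is the interesting one: the host is pinned by settings, so the attacker cannot redirect the request to the metadata service, but a path segment they control still merits a report at lower severity. A real reviewer also has to model sanitizers (allow-lists, urlparse checks, int() casts) and follow calls across functions, which this toy deliberately does not.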
What you get is a structured report with only high-confidence, genuinely exploitable findings, sorted by severity, with exact file locations, vulnerable code snippets, and concrete fixes. The review checklist is built on OWASP's Cheat Sheet Series; the skill itself was created by the team at Sentry.