gstack

History

Garry Tan 65ca7adfd4 feat: zero-noise /cso security audits with FP filtering (v0.11.0.0) Absorb Anthropic's security-review false positive filtering into /cso: - 17 hard exclusions (DOS, test files, log spoofing, SSRF path-only, regex injection, race conditions unless concrete, etc.) - 9 precedents (React XSS-safe, env vars trusted, client-side code doesn't need auth, shell scripts need concrete untrusted input path) - 8/10 confidence gate — below threshold = don't report - Independent sub-agent verification for each finding - Exploit scenario requirement per finding - Framework-aware analysis (Rails CSRF, React escaping, Angular sanitization) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-22 10:48:11 -07:00
..
SKILL.md	feat: zero-noise /cso security audits with FP filtering (v0.11.0.0)	2026-03-22 10:48:11 -07:00
SKILL.md.tmpl	feat: zero-noise /cso security audits with FP filtering (v0.11.0.0)	2026-03-22 10:48:11 -07:00

feat: zero-noise /cso security audits with FP filtering (v0.11.0.0)

Absorb Anthropic's security-review false positive filtering into /cso:
- 17 hard exclusions (DOS, test files, log spoofing, SSRF path-only,
  regex injection, race conditions unless concrete, etc.)
- 9 precedents (React XSS-safe, env vars trusted, client-side code
  doesn't need auth, shell scripts need concrete untrusted input path)
- 8/10 confidence gate — below threshold = don't report
- Independent sub-agent verification for each finding
- Exploit scenario requirement per finding
- Framework-aware analysis (Rails CSRF, React escaping, Angular sanitization)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-22 10:48:11 -07:00

SKILL.md

feat: zero-noise /cso security audits with FP filtering (v0.11.0.0)

2026-03-22 10:48:11 -07:00

SKILL.md.tmpl

feat: zero-noise /cso security audits with FP filtering (v0.11.0.0)

2026-03-22 10:48:11 -07:00