gh-nehoraihadad-agent-maest…/skills/maestro-delegation-advisor/examples/security-audit.md
2025-11-30 08:42:32 +08:00


# Example: Security Audit

## User Request

"Review our authentication system for security vulnerabilities and suggest improvements"

## Task Analysis

```javascript
{
  complexity: 'high',
  requiresWeb: false,
  requiresSpeed: false,
  requiresContext: true,
  securityCritical: true,
  costSensitive: false,
  canParallelize: false,
  hasDependencies: false
}
```

## Decision Process

### Why Claude?

  • Security expertise: 92/100 capability score
  • Performance advantage: 44% faster, 25% more accurate on security tasks
  • Context requirements: Needs deep understanding of codebase (1M token window)
  • Confidence: 0.95

### Why not Codex?

  • Security is not Codex's primary strength (60/100)
  • Quick fixes ≠ thorough security analysis

### Why not Gemini?

  • Doesn't require web research
  • Security audits need deep technical analysis, not content generation

## Delegation Output

I'll delegate this security analysis to Claude, who specializes in security audits:

[[DELEGATE:claude]]
Perform a comprehensive security audit of our authentication system:

1. **Code Review:**
   - Analyze authentication flow in src/auth/
   - Review session management in src/middleware/session.ts
   - Check password hashing implementation
   - Examine token generation and validation

2. **Common Vulnerabilities:**
   - SQL injection risks
   - XSS vulnerabilities
   - CSRF protection
   - Session fixation issues
   - Timing attacks on password comparison

3. **Best Practices Check:**
   - Password strength requirements
   - Account lockout mechanisms
   - Rate limiting on auth endpoints
   - Secure cookie configuration
   - HTTPS enforcement

4. **Deliverables:**
   - List of vulnerabilities with severity levels (Critical/High/Medium/Low)
   - Specific code locations for each issue
   - Detailed recommendations with code examples
   - Priority order for fixes
[[/DELEGATE]]
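To make concrete what the "vulnerable and fixed versions" deliverable looks like for two of the checklist items above (timing attacks on password comparison, session fixation, plus the secure-cookie attributes), here is an added example. It is not code from this repository or from the audited `src/auth/` and `src/middleware/session.ts` files; it assumes only Node's built-in `crypto` module and uses an in-memory `Map` as a stand-in session store.

```typescript
// Added example: vulnerable vs. hardened versions of two audit checklist items.
// Not the audited project's code; assumes only Node's built-in crypto module.
import { randomBytes, scryptSync, timingSafeEqual } from "node:crypto";

// ---------- 1. Password comparison: timing attack ----------

// Vulnerable: returns on the first mismatching character, so the time taken
// depends on how many leading characters matched. It also compares plaintext.
function verifyPasswordVulnerable(stored: string, supplied: string): boolean {
  if (stored.length !== supplied.length) return false;
  for (let i = 0; i < stored.length; i++) {
    if (stored[i] !== supplied[i]) return false;
  }
  return true;
}

const SCRYPT_KEYLEN = 32;

// Hardened storage: salted scrypt hash, encoded as "salt:hash" in hex.
function hashPassword(password: string): string {
  const salt = randomBytes(16);
  const key = scryptSync(password, salt, SCRYPT_KEYLEN);
  return `${salt.toString("hex")}:${key.toString("hex")}`;
}

// Constructed dummy record used when the username is unknown, so an unknown
// user costs the same key derivation as a wrong password (no timing-based
// user enumeration). Its content is irrelevant and never verifies.
const DUMMY_RECORD = hashPassword("dummy-value-not-a-real-credential");

// Hardened check: re-derive the key with the stored salt and compare with
// timingSafeEqual over equal-length buffers, so time does not depend on content.
function verifyPasswordHardened(storedRecord: string | undefined, supplied: string): boolean {
  const record = storedRecord ?? DUMMY_RECORD;
  const [saltHex, hashHex] = record.split(":");
  const expected = Buffer.from(hashHex, "hex");
  const actual = scryptSync(supplied, Buffer.from(saltHex, "hex"), SCRYPT_KEYLEN);
  const match = expected.length === actual.length && timingSafeEqual(expected, actual);
  // A missing record must never verify, whatever the dummy derivation produced.
  return match && storedRecord !== undefined;
}

// ---------- 2. Session management: fixation and cookie attributes ----------

interface Session { userId?: string; createdAt: number }
type SessionStore = Map<string, Session>;

// Vulnerable: the pre-login session ID is kept after authentication, so any ID
// that was already in the browser before login becomes an authenticated one.
function loginVulnerable(store: SessionStore, sessionId: string, userId: string): string {
  const s = store.get(sessionId) ?? { createdAt: Date.now() };
  s.userId = userId;
  store.set(sessionId, s);
  return sessionId;
}

// Hardened: discard the pre-login session and issue a fresh random ID on login.
function loginHardened(store: SessionStore, sessionId: string | undefined, userId: string): string {
  if (sessionId !== undefined) store.delete(sessionId);
  const newId = randomBytes(32).toString("base64url");
  store.set(newId, { userId, createdAt: Date.now() });
  return newId;
}

// The attributes the "secure cookie configuration" item asks for:
// HttpOnly (no script access), Secure (HTTPS only), SameSite (CSRF), bounded lifetime.
function sessionCookie(name: string, id: string, maxAgeSeconds = 3600): string {
  return `${name}=${id}; Path=/; HttpOnly; Secure; SameSite=Strict; Max-Age=${maxAgeSeconds}`;
}

// Stand-alone demonstration.
const record = hashPassword("correct horse battery staple");
console.log("hardened verify (right password):", verifyPasswordHardened(record, "correct horse battery staple"));
console.log("hardened verify (unknown user):  ", verifyPasswordHardened(undefined, "anything"));
const store: SessionStore = new Map([["pre-login-id", { createdAt: Date.now() }]]);
console.log("session ID rotated on login:", loginHardened(store, "pre-login-id", "alice") !== "pre-login-id");
console.log(sessionCookie("sid", "example-id"));
```

The `DUMMY_RECORD` path is the detail auditors most often find missing: a fast "no such user" return lets a client distinguish valid usernames from invalid ones by response time even when the comparison itself is constant-time.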

## Expected Result

Claude will provide:

  • Detailed security report with prioritized vulnerabilities
  • Specific file locations and line numbers
  • Code examples showing both vulnerable and fixed versions
  • Compliance recommendations (OWASP, NIST, etc.)

## Follow-up Actions

After receiving the audit results:

  1. Review findings with team
  2. Prioritize fixes based on severity
  3. Optionally delegate implementation to Codex:
    [[DELEGATE:codex]]
    Implement the high-priority security fixes identified in the audit:
    [paste specific recommendations]
    [[/DELEGATE]]