@firstpick/pi-skill-code-security
Agents should invoke this skill for code security reviews, leaked secret checks, dependency risk, unsafe shell/Python/TypeScript/Rust patterns, auth/input-validation flaws, SAST-style audits, or supply-chain concerns in repositories.
Package details
Install @firstpick/pi-skill-code-security from npm and Pi will load the resources declared by the package manifest.
$ pi install npm:@firstpick/pi-skill-code-security- Package
@firstpick/pi-skill-code-security- Version
0.1.1- Published
- May 18, 2026
- Downloads
- not available
- Author
- firstpick
- License
- MIT
- Types
- skill
- Size
- 10 KB
- Dependencies
- 0 dependencies · 0 peers
Pi manifest JSON
{
"skills": [
"./skills"
]
}Security note
Pi packages can execute code and influence agent behavior. Review the source before installing third-party packages.
README
@firstpick/pi-skill-code-security
A Pi skill for code security reviews, leaked secret checks, dependency risk, unsafe shell/Python/TypeScript/Rust patterns, auth/input-validation flaws, SAST-style audits, or supply-chain concerns in repositories.
What it does
- Adds the
code-securityskill to Pi's skill library. - Guides agents to invoke the skill for code security reviews, leaked secret checks, dependency risk, unsafe shell/Python/TypeScript/Rust patterns, auth/input-validation flaws, SAST-style audits, or supply-chain concerns in repositories.
- Bundles
skills/code-security/SKILL.mdplus any supporting references, scripts, tests, fixtures, or assets used by the skill.
Install
pi install npm:@firstpick/pi-skill-code-security
Configuration
No required configuration.
Commands
None.
Tools
None.
Example view
User: Review this change for the concerns covered by `code-security`.
Agent: Invokes the `code-security` skill, follows its workflow, and reports the result.