6-Step Workflow

This tool requires 6 steps to complete. Each step focuses on a specific security domain for thorough analysis.

Overview

The security_audit tool performs comprehensive security analysis based on OWASP guidelines. It detects vulnerabilities across multiple categories including injection attacks, broken authentication, sensitive data exposure, and security misconfigurations.

Workflow Steps

1. Injection & Input Validation: SQL injection, command injection, XSS vulnerabilities, and input sanitization issues.
2. Authentication & Session Management: password handling, session security, token management, and authentication flows.
3. Cryptography & Data Protection: encryption algorithms, key management, hashing, and secure random generation.
4. Sensitive Data Exposure: hardcoded secrets, PII handling, logging of sensitive data, and data transmission security.
5. Security Misconfigurations: debug settings, default credentials, insecure headers, and configuration vulnerabilities.
6. Dependencies & Final Assessment: vulnerable dependencies, outdated packages, and a comprehensive security summary.
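Step 1 is where injection sinks get reviewed. As an added illustration (not code from this page or from the tool itself), the following AST-based check walks a constructed Python module, flags every `.execute()`-style call whose query text is assembled from runtime values (string concatenation, `%` formatting, `.format()`, or an f-string), and emits each hit in the `vulnerabilities_found` structure documented below. The sample source, the `src/api/users.py` path label, and the `high` severity are assumptions for the demo.

```python
import ast
from typing import Dict, List

# Constructed sample module for the demo: three unsafe queries, one parameterized.
SAMPLE_SOURCE = '''
def get_user(cursor, username):
    cursor.execute("SELECT * FROM users WHERE name = '" + username + "'")
    cursor.execute(f"SELECT * FROM users WHERE id = {username}")
    cursor.execute("SELECT * FROM users WHERE name = '%s'" % username)
    cursor.execute("SELECT * FROM users WHERE name = %s", (username,))
'''

# Method names treated as SQL sinks (DB-API style cursors).
SINK_NAMES = {"execute", "executemany", "executescript"}


def _is_dynamic_sql(node: ast.AST) -> bool:
    """True when the query argument is built at runtime from other values."""
    if isinstance(node, ast.JoinedStr):                       # f"...{x}..."
        return True
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)):
        return True                                           # "..." + x  or  "..." % x
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "format"):
        return True                                           # "...{}".format(x)
    return False


def find_dynamic_sql(source: str, path: str) -> List[Dict]:
    """Return one finding (in the tool's vulnerability format) per dynamic SQL sink."""
    tree = ast.parse(source, filename=path)
    findings = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        if node.func.attr not in SINK_NAMES or not node.args:
            continue
        if _is_dynamic_sql(node.args[0]):
            findings.append({
                "severity": "high",   # assumed default; adjust to the sink's reachability
                "category": "SQL Injection",
                "description": (f"Query passed to .{node.func.attr}() is assembled "
                                f"from runtime values at line {node.lineno}"),
                "affected_files": [path],
                "remediation": "Use parameterized queries or an ORM",
                "cwe_id": "CWE-89",
            })
    return findings


if __name__ == "__main__":
    for finding in find_dynamic_sql(SAMPLE_SOURCE, "src/api/users.py"):
        print(finding["description"])
```

The parameterized call on the last line of the sample is not reported because its first argument is a constant string; the bound tuple is what keeps user data out of the query text. A real step 1 pass would run this across every file listed in `files_examined` and merge the results into the call's `vulnerabilities_found`.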

Parameters

Parameter | Type | Required | Description
step_number | integer | Required | Current step number (1-6)
next_step_required | boolean | Required | true while further steps follow; set to false on step 6 to generate the report
files_examined | array[string] | Required | List of file paths examined in this step
confidence | string | Required | Confidence level: exploring, low, medium, high, very_high, or certain
continuation_id | string | Required for steps 2-6 | UUID returned in the step 1 response
vulnerabilities_found | array[object] | Optional | Security findings discovered in this step (see Vulnerability Format)
security_assessments | object | Optional | Positive security observations, keyed by domain
project_root_path | string | Optional | Absolute path to the project root, used for report generation

Vulnerability Format

Each vulnerability in vulnerabilities_found should follow this structure:

json
{
  "severity": "critical",
  "category": "SQL Injection",
  "description": "User input directly concatenated into SQL query without parameterization",
  "affected_files": ["src/api/users.py"],
  "remediation": "Use parameterized queries or an ORM",
  "cwe_id": "CWE-89"
}

Severity Levels

  • Critical - Immediate exploitation possible, severe impact
  • High - Easily exploitable, significant impact
  • Medium - Exploitable with some effort, moderate impact
  • Low - Limited exploitability or impact
  • Info - Best practice recommendations

Common CWE IDs

CWE | Category | Description
CWE-89 | SQL Injection | Improper neutralization of SQL commands
CWE-79 | XSS | Cross-site scripting
CWE-78 | Command Injection | OS command injection
CWE-287 | Authentication | Improper authentication
CWE-798 | Hardcoded Credentials | Use of hard-coded credentials
CWE-327 | Weak Crypto | Use of a broken or risky cryptographic algorithm

Complete Example

Step 1: Start Audit

MCP Tool Call
security_audit(
  step_number=1,
  next_step_required=true,
  files_examined=["src/api/auth.py", "src/api/users.py"],
  confidence="exploring",
  vulnerabilities_found=[
    {
      "severity": "high",
      "category": "SQL Injection",
      "description": "Raw SQL query with string concatenation",
      "affected_files": ["src/api/users.py"],
      "cwe_id": "CWE-89"
    }
  ]
)

Step 1 Response

json
{
  "continuation_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "step_completed": 1,
  "total_steps": 6,
  "findings_count": 1,
  "next_step_guidance": {
    "step_name": "Authentication & Session Management",
    "focus_areas": [
      "Password hashing and storage",
      "Session token generation",
      "Authentication bypass vulnerabilities"
    ],
    "suggested_files": ["**/auth/**", "**/session/**", "**/login/**"]
  }
}

Step 6: Complete Audit

MCP Tool Call
security_audit(
  step_number=6,
  continuation_id="a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  next_step_required=false,
  files_examined=["requirements.txt", "package.json"],
  confidence="high",
  security_assessments={
    "Authentication": "Uses bcrypt with appropriate cost factor",
    "Session Management": "Secure session configuration"
  },
  project_root_path="/Users/dev/myproject"
)
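A caller that drives all six steps has to keep the per-step arguments consistent with the Parameters table and each finding consistent with the Vulnerability Format, or the audit state gets corrupted partway through. The following client-side check is an added example, not part of this page or the tool: it validates a step call before it is sent, validates each `vulnerabilities_found` entry, and tallies findings by severity the way the final report summary does. The two sample calls are built from the step 1 and step 6 examples above; treating `remediation` as recommended rather than required is an assumption based on the step 1 example omitting it.

```python
import re
import uuid
from collections import Counter
from typing import Dict, List

# Values documented for the tool's parameters.
TOTAL_STEPS = 6
CONFIDENCE_LEVELS = ("exploring", "low", "medium", "high", "very_high", "certain")
SEVERITY_LEVELS = ("critical", "high", "medium", "low", "info")
CWE_PATTERN = re.compile(r"^CWE-\d+$")
# "remediation" is in the documented structure but absent from the page's step 1
# example, so it is treated as recommended, not required (assumption).
FINDING_REQUIRED = ("severity", "category", "description", "affected_files", "cwe_id")

# Sample calls constructed from the page's step 1 and step 6 examples.
STEP1_CALL = {
    "step_number": 1,
    "next_step_required": True,
    "files_examined": ["src/api/auth.py", "src/api/users.py"],
    "confidence": "exploring",
    "vulnerabilities_found": [{
        "severity": "high",
        "category": "SQL Injection",
        "description": "Raw SQL query with string concatenation",
        "affected_files": ["src/api/users.py"],
        "cwe_id": "CWE-89",
    }],
}
STEP6_CALL = {
    "step_number": 6,
    "continuation_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
    "next_step_required": False,
    "files_examined": ["requirements.txt", "package.json"],
    "confidence": "high",
    "security_assessments": {"Authentication": "Uses bcrypt with appropriate cost factor"},
    "project_root_path": "/Users/dev/myproject",
}


def validate_finding(finding: Dict) -> List[str]:
    """Return the problems with one vulnerabilities_found entry (empty list if OK)."""
    problems = [f"missing field: {k}" for k in FINDING_REQUIRED if k not in finding]
    if finding.get("severity") not in SEVERITY_LEVELS:
        problems.append(f"unknown severity: {finding.get('severity')!r}")
    if not CWE_PATTERN.match(str(finding.get("cwe_id", ""))):
        problems.append(f"cwe_id must look like CWE-89, got {finding.get('cwe_id')!r}")
    files = finding.get("affected_files")
    if not isinstance(files, list) or not files:
        problems.append("affected_files must be a non-empty list of paths")
    return problems


def validate_step_call(args: Dict) -> List[str]:
    """Return the problems with one security_audit call (empty list if OK)."""
    problems = []
    step = args.get("step_number")
    if not isinstance(step, int) or not 1 <= step <= TOTAL_STEPS:
        return [f"step_number must be an integer from 1 to {TOTAL_STEPS}"]
    for key in ("next_step_required", "files_examined", "confidence"):
        if key not in args:
            problems.append(f"missing required parameter: {key}")
    if args.get("confidence") not in CONFIDENCE_LEVELS:
        problems.append(f"confidence must be one of {CONFIDENCE_LEVELS}")
    if step > 1:  # continuation_id is the UUID from the step 1 response
        try:
            uuid.UUID(str(args.get("continuation_id")))
        except ValueError:
            problems.append("continuation_id (UUID from step 1) is required for steps 2-6")
    if step == TOTAL_STEPS and args.get("next_step_required") is not False:
        problems.append("set next_step_required=false on step 6 to generate the report")
    for i, finding in enumerate(args.get("vulnerabilities_found", [])):
        problems += [f"vulnerabilities_found[{i}]: {p}" for p in validate_finding(finding)]
    return problems


def summarize(findings: List[Dict]) -> Dict[str, int]:
    """Count findings per severity, in the order the report lists them."""
    counts = Counter(f["severity"] for f in findings)
    return {sev: counts.get(sev, 0) for sev in SEVERITY_LEVELS}


if __name__ == "__main__":
    for call in (STEP1_CALL, STEP6_CALL):
        print(f"step {call['step_number']}: {validate_step_call(call) or 'ok'}")
    print(summarize(STEP1_CALL["vulnerabilities_found"]))
```

Run the check on every call before sending it; a step 2-6 call that fails the `continuation_id` check would otherwise start a fresh audit instead of continuing the existing one.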

Output

On completion, the tool generates:

  • A markdown report at reports/NNN_SECURITY_AUDIT_REPORT.md
  • Summary statistics of all findings
  • Categorized vulnerabilities by severity
  • Remediation recommendations