SecurityMédio

Insecure Defaults Detection

portrailofbits·trailofbits· v1.0.0 · atualizado em 2026-04-10

Score

Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.

insecure-defaultssecurity-auditconfiguration-managementsecrets-managementvulnerability-detectionfail-opencode-review

0Stars

0Forks

0Usos

Fork

Documento do Skill

SKILL.mdinsecure-defaults/workflow

Project Discovery: — Determine language, framework, and project conventions.

Search: — Identify potential insecure defaults using relevant patterns (e.g., fallback secrets, hardcoded credentials).

Verify: — Trace the code path to understand runtime behavior and configuration variable usage.

Confirm: — Determine if the insecure default impacts the production environment.

Report: — Document the finding with location, pattern, verification steps, production impact, and exploitation details.

Telemetria de Agentes

Execuções

total

Taxa de Sucesso

últimos 30d

Latência Média

0.0s

p50

Alucinação

0.0%

detecção

Tokens Entrada

avg 0/exec

Tokens Saída

avg 0/exec

Uso por Plataforma

Skills Relacionados

Similar aWallet Policy Generator

60%

Similar aQuery Token Audit Skill

60%

Similar aSpring Boot Security Review

60%

Árvore do Skill

Insecure Defaults Detection

insecure-defaults

Fases Cognitivas5

1.SENSE

2.CONTEXTUALIZE

3.EVALUATE

4.RECOMMEND

5.REFLECT

Triggers7

detect insecure defaultsfind hardcoded secretscheck for weak authenticationanalyze permissive security settingsaudit security configurationreview environment variable handlingidentify fail-open vulnerabilities

Avaliar este Skill

Score Breakdown

⭐Avaliação Humana0%

🤖Sucesso de Agentes0%

🕐Atualidade100%

🔗Saúde de Dependências100%

🕸️Centralidade no Grafo0%

🛡️Segurança50%

CompositeScore = α·Humano + β·Agente + γ·Recência + δ·Deps + ε·Centralidade + ζ·Segurança

Instalação

$ synaptic mcp download insecure-defaults

$ synaptic skills detail insecure-defaults

$ synaptic skills live insecure-defaults

Links

GitHub Repository