General

Prompts, toolsets, and patterns that are not tied to a specific agent live here. Treat General as the default shelf: recipes should be usable by any workflow that can read the prompt, fetch the JSON, or attach the MCP context.

What usually lives here

  • Triage frameworks - the decision trees and checklists your team uses when a new finding lands.
  • Guardrail patterns - repeated ideas for keeping automation safe, such as scoped credentials, dry-run gates, and review policies.
  • Review checklists - what a human should look at when reviewing a machine-generated PR.
  • PR templates - the body your workflow should fill in when it opens a PR.
  • Commit-message conventions - style rules automation should follow when committing.
  • Python helper toolsets - small scripts and checks that prepare evidence, normalize scanner output, or validate a recipe result.

When this is the right folder

Put a recipe here when the finding class, evidence question, or helper toolset matters more than the product used to run it. Product-specific packaging can be mentioned inside the recipe, but the reusable guidance belongs in General.

Browse entries

Every entry carries its author, team, and maturity. Click any card for the full prompt.

OWASP Top 10 (2026) — repo audit

development

A tool-agnostic hunt prompt that walks an agent through a structured audit of a repository against every category in the OWASP Top 10 (2026 iteration). The output is a …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-22
owasptop-10audithuntsastsecurity-posture

OWASP Top 10:2025 — repo audit

development

A tool-agnostic hunt prompt that walks an agent through a structured audit of a repository against every category in the OWASP Web Application Top 10:2025. As of 2026-05-02, …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-22
owasptop-10audithuntsastsecurity-posture

OWASP Top 10 (2026) — remediate

development

A tool-agnostic remediation prompt that takes a single finding from an OWASP Top 10 (2026) audit — or any equivalent source — and turns it into a reviewer-ready pull request. …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-22
owasptop-10remediateprfix

OWASP Top 10:2025 — remediate

development

A tool-agnostic remediation prompt that takes a single finding from an OWASP Web Application Top 10:2025 audit — or any equivalent source — and turns it into a reviewer-ready …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-22
owasptop-10remediateprfix

SAST finding — triage and fix

development

A tool-agnostic prompt that takes a single SAST finding and either opens a reviewer-ready PR (true positive, fixable), opens a suppression PR with justification and an expiry …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-25
sasttriagefalse-positiveremediatepr

Base image — bump and rebuild

development

A tool-agnostic prompt that takes a CVE finding scoped to a base image or an OS-package layer, and produces a reviewer-ready PR that bumps the FROM line (or the package install …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-25
containersdockerbase-imagecveremediate

Source code audit - attack surface map

development

A tool-agnostic source-code audit recipe that asks an agent to map where untrusted input enters a repository, where privileged actions happen, and which trust boundaries deserve …

author Stephen M Abbottteam Securitymodel used gpt-5-codexupdated 2026-06-06
source-codeauditattack-surfacethreat-modelread-only

Compromised package — cache quarantine

development

A tool-agnostic prompt that takes a "this package is malicious" advisory and runs the eviction across the org's registries, caches, and mirrors — quarantining the artifact, …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-25
supply-chainregistrycachequarantineincident

Source code audit - auth and tenant boundaries

development

A focused source-code audit recipe for authorization, tenant isolation, object ownership, and privilege-boundary mistakes. It is designed for code review sessions where the …

author Stephen M Abbottteam Securitymodel used gpt-5-codexupdated 2026-06-06
source-codeauditauthorizationtenant-boundaryidor

CVE intelligence intake gate

development

A tool-agnostic prompt that turns a fresh CVE, GHSA, OSV, vendor bulletin, scanner alert, or ticket into one of five bounded outcomes:

author Codexteam Securitymodel used GPT 5.5 Extra High reasoningupdated 2026-06-06
cveintelligencetriageadvisoryguardrail

Source code audit - injection and unsafe sinks

development

A source-code audit recipe for tracing untrusted input into dangerous sinks: SQL, shell, template rendering, SSRF, deserialization, file paths, regular expressions, dynamic …

author Stephen M Abbottteam Securitymodel used gpt-5-codexupdated 2026-06-06
source-codeauditinjectionssrfunsafe-sinksdataflow

Agent session — telemetry-driven kill rules

development

A tool-agnostic prompt that takes a workflow's run telemetry and a draft set of decision rules, and produces (a) a vetted rule pack the session monitor can load and (b) a …

author Stephen M Abbottteam Securitymodel used Opus 4.7updated 2026-04-25
runtimetelemetryguardrailkill-switchmonitor

Source code audit - secrets and data exposure

development

A source-code audit recipe for finding places where secrets, tokens, credentials, regulated data, or customer content can leak through code, logs, telemetry, prompts, artifacts, …

author Stephen M Abbottteam Securitymodel used gpt-5-codexupdated 2026-06-06
source-codeauditsecretssensitive-dataloggingprivacy

Source code audit - dependency and build integrity

development

A source-code audit recipe for dependency hygiene, lockfile integrity, build and CI trust boundaries, generated artifacts, package publishing, and release provenance.

author Stephen M Abbottteam Securitymodel used gpt-5-codexupdated 2026-06-06
source-codeauditsupply-chaindependenciescibuild-integrity

Classic Vulnerable Defaults

Prompts that mitigate or replace the durable, unsafe-by-default patterns that show up in new code year after year — pickle, unsafe YAML, JNDI, JWT `none`, XXE, polymorphic deserialization, `eval`, and friends.

Crypto & DeFi Security Recipes

Tool-agnostic prompts for securing cryptocurrency payment flows, wallet operations, and DeFi protocol controls.

Compliance & Standards Checks

Tool-agnostic recipes for producing auditor-reviewable evidence and gap reports against common security, compliance, and software supply-chain standards.

Contribute a new general prompt