---
description: Remediate security audit findings
argument-hint:
allowed-tools: Bash, Read, Write, Edit, Glob, Grep, Task
---

Remediate audit findings for feature: $ARGUMENTS

## Instructions

### 1. Load Audit Findings

Read `.sdlc/features/$ARGUMENTS/audit.md` to get the full security audit report.

### 2. Parse Findings by Severity

Collect all security findings:

1. **CRITICAL** -- immediate risk, must fix before any progress
2. **HIGH** -- significant risk, must fix before merge
3. **MEDIUM** -- moderate risk, should fix
4. **LOW** -- minor risk, fix if straightforward

### 3. Fix Critical Findings

For each critical finding:

1. Read the affected code
2. Understand the vulnerability and attack vector
3. Apply the proper remediation (input validation, auth check, etc.)
4. Verify the fix addresses the root cause, not just the symptom

### 4. Fix High Findings

After all critical findings are resolved, address high severity issues using the same disciplined approach.

### 5. Fix Medium and Low Findings

Address remaining findings in priority order.

### 6. Run Security Checks

Re-run the checks that originally found the issues:

```bash
# go vet prints its diagnostics on stderr, so stderr is left visible
go vet ./... || true
# Flag possible hardcoded credentials in the feature's Go files
grep -rn "password\|secret\|token\|api_key" --include="*.go" [feature files] || true
```

### 7. Update Audit Report

Update `.sdlc/features/$ARGUMENTS/audit.md` with remediation notes:

```markdown
## Remediation Log

| Finding | Severity | Status | Resolution |
|---------|----------|--------|------------|
| [description] | CRITICAL | REMEDIATED | [what was done] |
```

### 8. Report

Summarize: findings remediated by severity, remaining items, verification results.

## Critical Rules

- ALWAYS fix all critical findings -- no exceptions
- NEVER leave high-severity security issues unresolved
- ALWAYS run security checks after applying fixes
- NEVER fix security issues with workarounds -- address root causes
- ALWAYS update the audit report with remediation details
- NEVER remove security findings from the report -- mark them as remediated
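
One way to enforce the rules above mechanically, as an added example that is not part of the original command file: the shell function below reads the Remediation Log table from step 7 and fails while any CRITICAL or HIGH row is not REMEDIATED. The function names, the `OPEN` status and the sample findings are constructed for illustration; the page itself only defines the `REMEDIATED` status.

```bash
#!/usr/bin/env bash
# Added example: gate on the "## Remediation Log" table in audit.md.
# Assumption: any Status other than REMEDIATED means the finding is unresolved.

# check_remediation_log FILE   (FILE may be "-" for stdin)
# Returns 0 when every CRITICAL and HIGH row is REMEDIATED, 1 when one is not,
# 2 when the report has no Remediation Log rows at all.
check_remediation_log() {
  awk -F'|' '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    /^## /                 { in_log = ($0 ~ /^## Remediation Log[ \t]*$/); next }
    !in_log || $0 !~ /^\|/ { next }
    {
      finding = trim($2); sev = toupper(trim($3)); status = toupper(trim($4))
      # Skip the header row and the |---| separator row.
      if (sev == "SEVERITY" || sev ~ /^:?-+:?$/) next
      rows++; total[sev]++
      if (status == "REMEDIATED") fixed[sev]++
      else if (sev == "CRITICAL" || sev == "HIGH") {
        printf "UNRESOLVED %s: %s (status: %s)\n", sev, finding, status
        blocking++
      }
    }
    END {
      if (rows == 0) { print "no Remediation Log rows found"; exit 2 }
      n = split("CRITICAL HIGH MEDIUM LOW", order, " ")
      for (i = 1; i <= n; i++)
        printf "%s: %d/%d remediated\n", order[i], fixed[order[i]], total[order[i]]
      exit (blocking > 0)
    }
  ' "$1"
}

# Constructed sample report (findings and the OPEN status are made up).
sample_log() {
  cat <<'EOF'
## Remediation Log

| Finding | Severity | Status | Resolution |
|---------|----------|--------|------------|
| SQL built by string concatenation | CRITICAL | REMEDIATED | parameterized query |
| Export endpoint lacks auth check | HIGH | OPEN | pending |
EOF
}

sample_log | check_remediation_log - || echo "gate failed with exit $?"
```

A Finding or Resolution cell that itself contains `|` shifts the columns, so the parser assumes those cells are free of pipe characters.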