slack5-1770606136/.claude/commands/remediate-audit.md
jordan 6a692ff795
Initialize project from skeleton template
2026-02-09 03:02:16 +00:00

---
description: Remediate security audit findings
argument-hint: <feature-slug>
allowed-tools: Bash, Read, Write, Edit, Glob, Grep, Task
---
Remediate audit findings for feature: $ARGUMENTS
## Instructions
### 1. Load Audit Findings
Read `.sdlc/features/$ARGUMENTS/audit.md` to get the full security audit report.
### 2. Parse Findings by Severity
Collect all security findings:
1. **CRITICAL** -- immediate risk, must fix before any progress
2. **HIGH** -- significant risk, must fix before merge
3. **MEDIUM** -- moderate risk, should fix
4. **LOW** -- minor risk, fix if straightforward
### 3. Fix Critical Findings
For each critical finding:
1. Read the affected code
2. Understand the vulnerability and attack vector
3. Apply the proper remediation (input validation, auth check, etc.)
4. Verify the fix addresses the root cause, not just the symptom
### 4. Fix High Findings
After all critical findings are resolved, address high severity issues using the same disciplined approach.
### 5. Fix Medium and Low Findings
Address remaining findings in priority order.
### 6. Run Security Checks
Re-run the checks that originally found the issues:
```bash
go vet ./... 2>/dev/null || true
grep -rn "password\|secret\|token\|api_key" --include="*.go" [feature files] || true
```
### 7. Update Audit Report
Update `.sdlc/features/$ARGUMENTS/audit.md` with remediation notes:
```markdown
## Remediation Log
| Finding | Severity | Status | Resolution |
|---------|----------|--------|------------|
| [description] | CRITICAL | REMEDIATED | [what was done] |
```
### 8. Update Artifact Status
After all remediations are applied and security checks pass, re-evaluate the audit:
- If **all critical and high findings are remediated**: mark as passed
```bash
sdlc artifact pass $ARGUMENTS audit
```
- If **critical or high findings remain**: keep as needs-fix
```bash
sdlc artifact needs-fix $ARGUMENTS audit
```
### 9. Report
Summarize: findings remediated by severity, remaining items, verification results, and artifact status.
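As an added example (not part of this command file or of the `sdlc` tool), the Go code below parses the Remediation Log table written in step 7 and applies the step 8 rule mechanically: the audit artifact passes only when every CRITICAL and HIGH row is REMEDIATED, otherwise it stays at needs-fix. The `SampleAudit` fragment is a constructed audit.md excerpt; running the `sdlc artifact` command itself is left to the agent.

```go
package main

import "strings"

// Finding is one data row of the "## Remediation Log" table in audit.md.
type Finding struct{ Description, Severity, Status, Resolution string }

// SampleAudit is a constructed audit.md fragment, not a real report.
const SampleAudit = `# Audit: example-feature
## Remediation Log
| Finding | Severity | Status | Resolution |
|---------|----------|--------|------------|
| SQL built by string concat | CRITICAL | REMEDIATED | parameterised query |
| Missing auth check on /admin | HIGH | OPEN | pending |
| Verbose error body | LOW | REMEDIATED | generic message |
`

// ParseRemediationLog returns the data rows of the Remediation Log table with every cell trimmed.
func ParseRemediationLog(md string) []Finding {
	out, inLog := []Finding{}, false
	for _, raw := range strings.Split(md, "\n") {
		line := strings.TrimSpace(raw)
		if strings.HasPrefix(line, "#") { // any heading starts or ends the section
			inLog = line == "## Remediation Log"
		}
		if !inLog || !strings.HasPrefix(line, "|") {
			continue
		}
		cells := strings.Split(strings.Trim(line, "|"), "|")
		for i := range cells {
			cells[i] = strings.TrimSpace(cells[i])
		}
		// Skip the header row, the |---| separator row and malformed rows.
		if len(cells) < 4 || cells[0] == "Finding" || strings.HasPrefix(cells[0], "---") {
			continue
		}
		out = append(out, Finding{cells[0], cells[1], cells[2], cells[3]})
	}
	return out
}

// ArtifactStatus applies the step 8 rule: "pass" only when every CRITICAL and HIGH finding is REMEDIATED.
func ArtifactStatus(fs []Finding) string {
	for _, f := range fs {
		if s := strings.ToUpper(f.Severity); (s == "CRITICAL" || s == "HIGH") && strings.ToUpper(f.Status) != "REMEDIATED" {
			return "needs-fix" // an open critical/high row blocks the pass
		}
	}
	return "pass"
}
```

Medium and low rows never block the pass, matching the rule in step 8, but they still stay in the log rather than being deleted.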
## Critical Rules
- ALWAYS fix all critical findings -- no exceptions
- NEVER leave high-severity security issues unresolved
- ALWAYS run security checks after applying fixes
- NEVER fix security issues with workarounds -- address root causes
- ALWAYS update the audit report with remediation details
- NEVER remove security findings from the report -- mark them as remediated
- ALWAYS set the artifact status after remediation (pass if all critical/high resolved)