secure-pr — community secure-pr, Instapermit, community, ide skills, Claude Code, Cursor, Windsurf

v1.0.0

About this Skill

Perfect for Code Review Agents needing automated security audit capabilities for Python projects.

ConnerBabb
Updated: 3/5/2026

Agent Capability Analysis

The secure-pr skill by ConnerBabb is an open-source community AI agent skill for Claude Code and other IDE workflows, helping agents execute tasks with better context, repeatability, and domain-specific guidance.

Ideal Agent Persona

Perfect for Code Review Agents needing automated security audit capabilities for Python projects.

Core Value

Empowers agents to perform comprehensive security reviews of pull requests using ruff for linting and pytest for testing, detecting hardcoded secrets, injection vulnerabilities, and unsafe data handling.

Capabilities Granted for secure-pr

Automating security audits for pull requests
Detecting hardcoded secrets and API keys
Identifying potential injection vulnerabilities and unsafe data handling

Prerequisites & Limits

  • Requires local installation of ruff and pytest
  • Limited to Python projects
  • Dependent on /security-review slash command functionality

secure-pr

Install secure-pr, an AI agent skill for AI agent workflows and automation. Works with Claude Code, Cursor, and Windsurf with one-command setup.

SKILL.md

Secure PR Workflow

Follow these steps in order. Do not skip any step.

Step 1 — Pre-flight checks

Run the linter and tests locally. If either fails, fix the issues before continuing.

ruff check .
ruff format --check .
pytest

Step 2 — Security review

Run the /security-review slash command to perform a full security review of all pending changes. This reviews the diff for:

  • Hardcoded secrets or API keys
  • Injection vulnerabilities
  • Unsafe data handling
  • Dependency issues
  • Any other security concerns

Do not proceed to step 3 until the security review is complete and all findings are addressed.

Step 3 — Create the PR

Create the pull request using the standard format:

gh pr create --title "<short title>" --body "$(cat <<'EOF'
## Summary
<bullet points summarizing changes>

## Security Review
- [x] Security review completed via `/security-review`
- [x] No hardcoded secrets or API keys
- [x] No injection vulnerabilities found

## Test plan
<bulleted checklist of testing done>

🤖 Generated with [Claude Code](https://claude.com/claude-code)
EOF
)"

Step 4 — Watch CI checks

After the PR is created, wait for all CI checks (lint, test, CodeQL) to complete:

gh pr checks --watch

Report the final status of each check to the user. If any check fails, investigate the failure, fix it, push the fix, and re-watch.
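
A deterministic companion to the hardcoded-secrets item in Step 2, as an added example that is not part of the skill or of `/security-review`: it scans only the added lines of a unified diff and reports file, new-file line number and rule. The rule set, the 3.5-bit entropy threshold and the names `scan_diff`, `check_line` and `SAMPLE_DIFF` are assumptions made for illustration.

```python
import math
import re

# Assumed rule set: two high-confidence patterns plus credential-like assignments gated on entropy.
RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
}
ASSIGNMENT = re.compile(r"(?i)\b\w*(?:secret|token|passw(?:or)?d|api_?key)\w*\s*[:=]\s*['\"]([^'\"]{12,})['\"]")
HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@")

def entropy(s):  # Shannon entropy in bits per character
    return -sum(p * math.log2(p) for p in (s.count(c) / len(s) for c in set(s)))

def check_line(text, min_entropy=3.5):
    hits = [rule for rule, rx in RULES.items() if rx.search(text)]
    if (m := ASSIGNMENT.search(text)) and entropy(m[1]) >= min_entropy:
        hits.append("high-entropy-assignment")
    return hits

def scan_diff(diff_text):
    """Return (path, new-file line number, rule) for each suspicious added line."""
    findings, path, line_no, old_left, new_left = [], None, 0, 0, 0
    for raw in diff_text.splitlines():
        if old_left <= 0 and new_left <= 0:  # between hunks: only headers matter
            if raw.startswith("+++ "):
                path = raw[4:].removeprefix("b/")
            elif m := HUNK.match(raw):
                old_left, line_no, new_left = int(m[1] or 1), int(m[2]), int(m[3] or 1)
        elif raw.startswith("+"):  # added line: the only kind that is scanned
            findings += [(path, line_no, rule) for rule in check_line(raw[1:])]
            new_left, line_no = new_left - 1, line_no + 1
        elif raw.startswith("-"):  # removed line: absent from the new file
            old_left -= 1
        elif not raw.startswith("\\"):  # context line; "\ No newline at end of file" is skipped
            old_left, new_left, line_no = old_left - 1, new_left - 1, line_no + 1
    return findings

# Constructed sample diff; both credential values are made up for this example.
SAMPLE_DIFF = '''\
--- a/app/settings.py
+++ b/app/settings.py
@@ -10,3 +10,4 @@
 DEBUG = False
-API_TOKEN = os.environ["API_TOKEN"]
+API_TOKEN = "q7Zx2LmP9vKd4RtY8sWb"
+AWS_KEY_ID = "AKIAEXAMPLEEXAMPLE00"
 TIMEOUT = 30
'''
```

Pass it the output of `git diff` for the pending changes before Step 3; a non-empty result is a finding to address before the PR body's checklist is filled in.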

FAQ & Installation Steps

Frequently Asked Questions

What is secure-pr?

Perfect for Code Review Agents needing automated security audit capabilities for Python projects.

How do I install secure-pr?

Run the command: npx killer-skills add ConnerBabb/Instapermit/secure-pr. It works with Cursor, Windsurf, VS Code, Claude Code, and 19+ other IDEs.

What are the use cases for secure-pr?

Key use cases include: Automating security audits for pull requests, Detecting hardcoded secrets and API keys, Identifying potential injection vulnerabilities and unsafe data handling.

Which IDEs are compatible with secure-pr?

This skill is compatible with Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Use the Killer-Skills CLI for universal one-command installation.

Are there any limitations for secure-pr?

Requires local installation of ruff and pytest. Limited to Python projects. Dependent on /security-review slash command functionality.

How To Install

  1. Open your terminal

    Open the terminal or command line in your project directory.

  2. Run the install command

    Run: npx killer-skills add ConnerBabb/Instapermit/secure-pr. The CLI will automatically detect your IDE or AI agent and configure the skill.

  3. Start using the skill

    The skill is now active. Your AI agent can use secure-pr immediately in the current project.
