- Home
- Skills
- Sounder25
- Google Antigravity Skills Library
- 19 Adversarial Reviewer
19_adversarial_reviewer_skill
- PowerShell
20
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill sounder25/google-antigravity-skills-library --skill 19_adversarial_reviewer- SKILL.md1.9 KB
- VERIFICATION_REPORT.md455 B
Overview
This skill generates a focused 'Red Team' critique of recent code or design plans to surface weak assumptions, edge cases, and attack vectors before release. It prepares a structured adversarial prompt packet that an agent uses to simulate an attacker and produce actionable findings. The skill is designed for final-stage reviews of high-risk components like auth, payments, and file I/O. Implementation is PowerShell-first and runs as a read-only analysis step.
How this skill works
The skill reads the target file and builds a pre-filled adversarial review prompt that specifies the review mode (Security, Performance, or Logic) and prioritized attack vectors. It enforces safety checks (read-only, size limits) and truncates or warns on very large files. The agent then consumes the prompt, adopts an adversary persona, lists vulnerabilities and edge cases, and returns prioritized fixes and mitigation steps.
When to use it
- Before deploying or shipping authentication, authorization, or payment code.
- When finalizing modules that handle untrusted input, file I/O, or concurrency.
- During security sprint reviews or pre-release checklists.
- When you need a structured adversarial prompt for automated agents.
- If you want deterministic, repeatable critiques with safety gates.
Best practices
- Run against a single logical file or small module to keep critiques focused and actionable.
- Choose the appropriate Mode (Security, Performance, Logic) to guide the attack vectors.
- Keep source input under the size limit or provide a trimmed representative sample.
- Treat the output as a prioritized list: validate high-severity issues first.
- Pair the adversarial review with automated tests and a Failure Postmortem step.
Example use cases
- Red-team an Auth.cs implementation to find token replay, improper validation, or race conditions.
- Critique a payment processing flow to surface edge-case failures and timing attacks.
- Review file upload handling to expose path traversal and unsafe deserialization scenarios.
- Run a performance-mode review on a hot loop to detect locking or allocation-induced stalls.
- Integrate into CI as a final pre-merge gate for high-risk components.
FAQ
No. The skill is strictly read-only and only produces a prompt and critique; it never writes changes to source files.
What happens if the file is very large?
The skill warns or truncates the input beyond a configured threshold to avoid token overflow and encourages providing a representative excerpt.