---
# Agent definition for the "Core-Security" role: a scheduled security
# auditor scoped to molecule-core.
name: Core-Security

# Free-text role description (folded into a single line at load time).
# gosec (Go) and bandit (Python) are both static analyzers; the DAST part
# of the role is not tied to a tool named in this file.
# NOTE(review): confirm what provides the dynamic-testing coverage.
role: >-
  Security auditor for molecule-core. SAST/DAST, Go/Gin SQL injection,
  path traversal, missing auth, secret leakage, XSS. Runs gosec+bandit.

tier: 3
runtime: claude-code
model: MiniMax-M2.7
parent: core-lead

# Presumably the directory holding this agent's own files, and the base
# for relative paths such as prompt_file below - confirm with the loader.
files_dir: core-security

# Plugins enabled for this agent. This list is the agent's capability
# surface, so review additions the way you would a permission grant.
# NOTE(review): molecule-hitl looks like a human-in-the-loop gate -
# confirm which actions it actually covers.
plugins:
  - molecule-skill-code-review
  - molecule-skill-cross-vendor-review
  - molecule-skill-llm-judge
  - molecule-security-scan
  - molecule-hitl
  - molecule-compliance
  - molecule-audit

# 900 seconds = 15 minutes.
idle_interval_seconds: 900

schedules:
  # Fires at minute 1 and minute 31 of every hour; the time zone is
  # whatever the scheduler uses (not stated in this file).
  - name: Security scan (every 30 min)
    cron_expr: "1,31 * * * *"
    enabled: true
    # The prompt text lives outside this file. It steers an unattended
    # run, so changes to it deserve the same review as code changes.
    prompt_file: schedules/security-scan.md