first commit
This commit is contained in:
@@ -0,0 +1,12 @@
|
||||
# Security Review Guide
|
||||
|
||||
## Check for
|
||||
- unsanitized input,
|
||||
- SQL or shell injection,
|
||||
- insecure deserialization,
|
||||
- secret leakage,
|
||||
- missing authz checks,
|
||||
- unsafe filesystem or network defaults.
|
||||
|
||||
## Review note pattern
|
||||
`Blocking: this path accepts untrusted input and passes it to X without validation.`
|
||||
Reference in New Issue
Block a user