Name: meterian/security-audit
Rating: 96.3 (1 reviews)
Author: meterian

meterian/security-audit

Use for dependency security audits and compliance checks. Use when auditing project dependencies for vulnerabilities, answering "is [library] [version] safe?" questions, or remediating vulnerable libraries. Also activates automatically when the user opens or modifies a manifest file (package.json, package-lock.json, yarn.lock, pnpm-lock.yaml, requirements.txt, pom.xml, Cargo.toml, go.mod, Gemfile, composer.json, build.gradle, *.csproj, pubspec.yaml, conanfile.txt, conanfile.py, project.clj, deps.edn, Package.swift, pubspec.lock, Package.resolved, Gemfile.lock, poetry.lock, uv.lock, Cargo.lock, composer.lock).

1.83x

Quality

90%

Does it follow best practices?

Impact

99%

1.83x

Average score across 8 eval scenarios

Securityby

Passed

No known issues

{
  "context": "Tests whether the agent maps the Ruby manifest to the ruby language parameter, prefers Gemfile.lock pinned versions over Gemfile ranges, and invokes the Meterian CLI. CLI invocation verified via scan-raw.json Meterian format.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "ruby language",
      "description": "`scan-raw.json` contains entries with `\"language\":\"ruby\"` — confirming the correct language parameter (not `gem`, `rubygems`, or `rails`)",
      "max_score": 20
    },
    {
      "name": "Gemfile.lock preferred",
      "description": "Extracts dependency versions from `Gemfile.lock` rather than the version ranges in `Gemfile`",
      "max_score": 25
    },
    {
      "name": "Pinned versions used",
      "description": "The versions in `scan-raw.json` match the pinned versions in Gemfile.lock (e.g. rails 5.2.3, nokogiri 1.9.1) rather than Gemfile ranges",
      "max_score": 20
    },
    {
      "name": "Raw scan data file",
      "description": "A file named `scan-raw.json` exists containing a JSON object with a `vulnerable` array — the Meterian CLI check output format",
      "max_score": 15
    },
    {
      "name": "Markdown table",
      "description": "Report contains a markdown table with audit result columns (Package, Version, Severity, ID, Safe Version(s))",
      "max_score": 10
    },
    {
      "name": "Summary line",
      "description": "Report includes a summary line with vulnerability and package counts",
      "max_score": 10
    }
  ]
}

evals

scenario-1

scenario-2

scenario-3

scenario-4

criteria.json

task.md

scenario-5

scenario-6

scenario-7

scenario-8

SKILL.md

tile.json

meterian/security-audit

criteria.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-4/

criteria.jsonevals/scenario-4/