Startup Ideas Bank
A promising idea drowning in complexity and market confusion.
AI roast score: 55/100 (D)
The idea
cloudflare/security-audit-skill — A coding-agent skill for multi-phase security audits with independently verified, machine-readable findings
security-audit
A coding-agent skill that turns your agent into a security auditor. It orchestrates multiple parallel agents through a six-phase pipeline -- recon, hunting, validation, reporting, structured output, and independent verification -- to find exploitable vulnerabilities with real impact.
This is the skill that seeded Cloudflare's vulnerability discovery harness, described in Build your own vulnerability harness. The harness grew into a multi-stage, fleet-wide system; this skill is the single-repo starting point it evolved from.
What it does
The skill runs a structured audit in six phases:
1. Recon -- parallel research agents map the application's architecture, trust boundaries, and input surfaces. Produces architecture.md.
2. Hunt -- parallel general agents attack the codebase from different angles (injection, access control, business logic, cryptography, feature abuse, chained attacks, and a wildcard). Each agent can spawn sub-agents to dig deeper.
3. Validate -- separate agents try to disprove each finding. Adversarial review kills false positives.
4. Report -- produces REPORT.md (human-readable) and FINDINGS-DETAIL.md (detailed traces for MEDIUM+ findings).
5. Structured output -- writes findings.json conforming to report-schema.json, validated by validate-findings.cjs.
6. Independent verification -- fresh agents verify every factual claim in the structured output against the actual source code.
Multiple runs against the same repo are additive. Each run explores different code paths; the skill reads prior findings.json files to skip known issues and target gaps.
Files
| File | Purpose |
| --- | --- |
| SKILL.md | Setup, core principles, platform terminology, workflow overview, and audit anti-patterns |
| RECONNAISSANCE.md | Phase 1 reconnaissance prompts and synthesis instructions |
| HUNTING.md | Phase 2 orchestration, hunting methodology, and validation rules |
| ATTACK-CLASSES.md | Core, wildcard, and obvious-things attack prompts |
| VALIDATION-AND-REPORTING.md | Phases 3–6 validation, reporting, and verification |
| report-schema.json | JSON schema for findings.json (confirmed and rejected finding structures) |
| validate-findings.cjs | Zero-dependency Node.js validator that checks findings.json against the schema |
Installation
Install the skill with the Skills CLI:
npx skills add https://github.com/cloudflare/security-audit-skill \
--skill security-audit
Use --global for a user-level installation:
npx skills add https://github.com/cloudflare/security-audit-skill \
--skill security-audit \
--global
Run npx skills --help for agent-selection and non-interactive opt
The roast
Let's face it, this security audit skill is a convoluted mess. Six phases? Really? By the time you’ve figured out how to navigate through ‘recon’ and ‘hunting,’ your codebase is probably already compromised. The promise of 'independently verified, machine-readable findings' sounds great, but good luck getting enterprises to trust a solo founder's ability to manage such complexity without a team or funding to back it up. If you can't clearly articulate the value of each phase, you're asking customers to buy a black box.
Red flags
- Complexity of a six-phase pipeline may overwhelm potential users.
- Solo founder with no funding raises questions about execution capability.
- Unclear customer willingness to pay for this intricate solution.
Verdict
Dismantle this idea and simplify it before trying to sell a convoluted security solution.