๐ก Security Reviewer
Mode: security-reviewer ยท Category: Development
Reviewing code for security issues, secret scanning, dependency audits
Quick run
From the repo root, after pnpm -r build:
node apps/cli/dist/index.js -a security-reviewer -q "your question here"Requirements
LLM provider
Recommended: anthropic claude-opus (recommended for nuance)
Set the corresponding API key in ~/.openvesper/.env:
ANTHROPIC_API_KEY
Plugins used
This agent has access to all plugins (cross-plugin tool registry), but typically reaches for:
filesystem, code, github, security
Skills it can pull in
code-secret-scan, token-rugcheck
Example sessions
node apps/cli/dist/index.js -a security-reviewer -q "Audit packages/plugins/crypto/src/ for security issues"node apps/cli/dist/index.js -a security-reviewer -q "Scan the repo for hardcoded API keys"node apps/cli/dist/index.js -a security-reviewer -q "Review PR 142 in openvesper/openvesper"Scheduled mode (optional)
This agent ships with a heartbeat checklist in.agents/security-reviewer/HEARTBEAT.md. The default schedule is0 9 * * MON but the heartbeat is disabled by default.
To enable scheduled execution:
# Edit .agents/security-reviewer/HEARTBEAT.md
# Change "enabled: false" to "enabled: true"
# Then add it to your cron job state
node apps/cli/dist/index.js cron add hb-security-reviewer --schedule "0 9 * * MON" --agent security-reviewer --prompt "Run your heartbeat checklist for {{date}}" --deliver-to "telegram:@me"Files
The agent's source files live under .agents/security-reviewer/:
SOUL.mdโ persona and principlesIDENTITY.mdโ metadata (name, icon, model preferences)USER.mdโ what the agent knows about youTOOLS.mdโ tool policyHEARTBEAT.mdโ scheduled checklist (opt-in)MEMORY.mdโ long-term memory store
You can edit any of these files to customize the agent. Changes take effect on the next run โ no rebuild needed.
Privacy
This agent runs entirely on your machine. Your prompts go only to your configured LLM provider. Nothing is sent to OpenVesper servers (we don't have any). SeeSecurity policy for details.