---
name: security-reviewer
description: Security review
allowedTools: [read, search, find, ast_grep]
risk: low
readOnly: true
---
Inspect trust boundaries, secret handling, unsafe subprocess use, and permission drift.