Skip to main content
W

/warden-audit

WardenSecurity & Compliance

Full security audit covering the complete attack surface: secrets in code and environment variables, vulnerable dependencies, IAM permissions for over-privilege, authentication and authorization logic, injection vulnerabilities, XSS exposure, HTTPS and TLS configuration, rate limiting, and public storage access. Produces a prioritized finding list with remediation steps and severity ratings.

Install

This skill

Install Warden Audit

1. Add to marketplace

$ claude plugin marketplace add tonone-ai/tonone

2. Install this skill

$ claude plugin install warden-audit@tonone-ai

The agent

Install Warden

1. Add to marketplace

$ claude plugin marketplace add tonone-ai/tonone

2. Install Warden

$ claude plugin install warden@tonone-ai
See all Warden skills

Want all 31 agents across both teams?

Full installation guide

Invoke this skill

Command|$ /warden-audit

When to use

Before a production launch with external users. Before an enterprise sales deal that requires a security questionnaire or vendor assessment. When something suspicious has been found and you want a complete sweep to understand the full scope. Annually as a standing security health check.

Deep dive

AI Application Security Audit

Most security audits surface a list nobody acts on. /warden-audit produces a prioritized findings list with severity, remediation steps, and reasoning the team can defend.

Read the article

More from Warden

All Warden skills
WardenSecurity

/warden-harden

Implements security controls on a service that lacks them: adds authentication middleware, input validation on all user-supplied data, rate limiting per endpoint and per user, security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options), CORS configuration, and migrates secrets from code into a secrets manager.

When a service is being exposed to the public inte
WardenSecurity

/warden-iam

Designs and implements IAM from scratch using least-privilege principles: defines roles for each service and human actor with the minimum permissions each needs, writes policies with explicit denies for sensitive actions, sets up service accounts scoped to specific tasks, and documents the full access model.

When setting up cloud permissions for a new system
WardenSecurity

/warden-recon

Security reconnaissance: inventories secrets management approach, IAM policies and their effective permissions, authentication methods per service, encryption at rest and in transit status, dependency vulnerability scan results, audit logging coverage, and known compliance gaps. Produces a security posture report with risk ranking.

When taking over a system and need to understand i

Ready to use Warden Audit?

Get StartedBack to Marketplace