II.
ScopeBoundary overview
Reference · livescope-boundary:security-review.scope
scope-boundary:security-review.scope overview
Inspect the raw attributes, linked wiki pages, and inbound or outbound graph edges for scope-boundary:security-review.scope.
Attributes
subjectId
inScope
Static review of pending diffs for OWASP-Top-10-class vulnerabilities
in application code — injection (SQL, command, template), broken
auth/session handling, IDOR, SSRF, XXE, hardcoded secrets, insecure
deserialization, and missing input validation. Produces structured
review comments tied to specific lines.
outOfScope
Penetration testing, dynamic analysis, fuzzing, dependency-vulnerability
scanning (delegated to SCA tools), threat modeling of unmodified code,
cryptographic primitive design review, and compliance attestation
(SOC2, ISO 27001).
outOfScopeReasonIds
Outgoing edges
bounds_subject1
- skill:security-review·SkillSecurity Review
has_out_of_scope_reason2
- out-of-scope-reason:runtime-only·OutOfScopeReasonRuntime Only
- out-of-scope-reason:implementation-detail·OutOfScopeReasonImplementation Detail
Incoming edges
None.