{ "formula": "security-audit", "type": "aspect", "description": "Cross-cutting security concern. Applies security scanning before and after implementation and submission steps.", "version": 1, "pointcuts": [ {"glob": "implement"}, {"glob": "submit"} ], "advice": [ { "target": "implement", "around": { "before": [ { "id": "{step.id}-security-prescan", "title": "Security prescan for {step.id}", "description": "Pre-implementation security check. Review for secrets/credentials in scope. Check dependencies for known vulnerabilities." } ], "after": [ { "id": "{step.id}-security-postscan", "title": "Security postscan for {step.id}", "description": "Post-implementation security scan. Scan new code for vulnerabilities (SAST). Check for hardcoded secrets. Review for OWASP Top 10 issues." } ] } }, { "target": "submit", "around": { "before": [ { "id": "{step.id}-security-prescan", "title": "Security prescan for {step.id}", "description": "Pre-submission security check. Run a final vulnerability scan before merge." } ], "after": [ { "id": "{step.id}-security-postscan", "title": "Security postscan for {step.id}", "description": "Post-submission security verification. Confirm no new vulnerabilities were introduced." } ] } } ] }