gastown/.beads/formulas/security-audit.formula.toml

description = "Cross-cutting security concern. Applies security scanning before and after implementation steps."
formula = "security-audit"
type = "aspect"
version = 1

[[advice]]
target = "implement"
[advice.around]

[[advice.around.after]]
description = "Post-implementation security scan. Scan new code for vulnerabilities (SAST). Check for hardcoded secrets. Review for OWASP Top 10 issues."
id = "{step.id}-security-postscan"
title = "Security postscan for {step.id}"

[[advice.around.before]]
description = "Pre-implementation security check. Review for secrets/credentials in scope. Check dependencies for known vulnerabilities."
id = "{step.id}-security-prescan"
title = "Security prescan for {step.id}"

[[advice]]
target = "submit"
[advice.around]

[[advice.around.after]]
description = "Post-submission security verification. Confirm no new vulnerabilities introduced."
id = "{step.id}-security-postscan"
title = "Security postscan for {step.id}"

[[advice.around.before]]
description = "Pre-submission security check. Final vulnerability scan before merge."
id = "{step.id}-security-prescan"
title = "Security prescan for {step.id}"

[[pointcuts]]
glob = "implement"

[[pointcuts]]
glob = "submit"