Releases: RedHatProductSecurity/secdevai

0.4.1

08 May 05:59
28c87ef

What's Changed

New Contributors

Full Changelog: 0.4.0...0.4.1

0.4.0

23 Apr 02:39
c656bc1

What's Changed

  • Feat: secdevai-dast skill with source code correlation analysis
  • Feat: secdevai-validate skill
  • Feat: secdevai-review skill with SANS CWE Top 25 Most Dangerous Software Errors context

Full Changelog: 0.3.0...0.4.0

0.3.0

13 Mar 07:36
7ee2ee2

  • New skill, /secdevai oci-image-security — for systematic OCI container image security analysis. Covers CVE triage (Trivy/Grype/RHACS output), supply chain risks, image misconfigurations, EOL component detection, and Dockerfile hardening.
  • OCI/container auto-detection in /secdevai-review — Automatically detects container-related files (Dockerfile, *.containerfile, Kubernetes manifests, Helm charts) and applies OCI image security context without a manual flag.
  • Filters file scope before loading context, improving performance and context loading efficiency on large codebases.
  • Add Gosec to /secdevai-tool skill
  • /secdevai-tool hardened — Refactored to run external security tools (Bandit, Scorecard, etc.) via podman/docker with restricted security permissions. security-review.sh replaced by the more generic container-run.sh.

0.2.0

06 Mar 01:23
af8000d

  • Support Golang application security reviews, along with specific Golang examples mapped directly to the OWASP Top 10

0.1.1

10 Feb 05:01
ca7f533

  • fix: add missing secdevai-export skill

0.1.0

10 Feb 00:03
f8dc6ba

  • Initial release: AI-powered secure development, enhancing Cursor, Claude Code, and Gemini CLI to perform security code reviews and provide fix suggestions with controlled security contexts
  • One-line installation CLI: secdevai
  • Agent Skills:
    • secdevai: Introduction and help
    • secdevai-review: Security code review based on OWASP Top 10 and Web Security Testing Guide
    • secdevai-fix: Fix suggestions
    • secdevai-tool: Tool integration (e.g., Bandit, Scorecard)
    • secdevai-export: Generate security reports in Markdown/SARIF
    • secdevai-help: Help
  • README, USAGE, and CONTRIBUTING documentation