/laravel-agent:security:audit

Audit your Laravel application for security vulnerabilities

Overview

The /security:audit command performs a comprehensive security audit of your Laravel application. It checks for common vulnerabilities including SQL injection, XSS, CSRF, authentication issues, insecure configurations, and dependency vulnerabilities. The audit can be run on the entire application or focused on specific security concerns.

Usage

/laravel-agent:security:audit [target] [focus]

Examples

# Full security audit
/laravel-agent:security:audit

# Focus on authentication security
/laravel-agent:security:audit auth

# Focus on SQL/command injection vulnerabilities
/laravel-agent:security:audit injection

# Focus on XSS vulnerabilities
/laravel-agent:security:audit xss

# Audit specific path
/laravel-agent:security:audit app/Http/Controllers

Focus Areas

The security audit can be focused on specific vulnerability types:

| Focus | Command | What It Checks |
|-------|---------|----------------|
| Authentication | /security:audit auth | Password hashing, session configuration, rate limiting, token expiration, 2FA |
| Injection | /security:audit injection | SQL injection, command injection, LDAP injection, NoSQL injection |
| XSS | /security:audit xss | Unescaped Blade output, JavaScript injection, DOM-based XSS, stored XSS |
| Headers | /security:audit headers | Security headers, CORS settings, CSP policy, HSTS configuration |

Audit Process

The security audit follows a systematic process:

1. Environment Check

First, the audit checks for security-related packages and runs dependency audits:

# Check for Content Security Policy package
composer show spatie/laravel-csp 2>/dev/null && echo "CSP=yes" || echo "CSP=no"

# Check for security scanner package
composer show enlightn/enlightn 2>/dev/null && echo "ENLIGHTN=yes" || echo "ENLIGHTN=no"

# Run Composer security audit
composer audit

2. Security Agent Invocation

The command uses the laravel-security specialized agent to perform deep code analysis:

Perform security audit:

Action: audit
Target: <path or 'all'>
Focus: <injection|xss|csrf|auth|headers|all>

3. Results Report

A comprehensive report is generated with findings categorized by severity. The report layout is described in the next section.

Report Format

The audit produces a detailed report with the following sections:

Summary

Overview of findings by severity level:

## Security Audit Results

### Summary
- Critical: X
- High: X
- Medium: X
- Low: X

Vulnerabilities

Detailed table of discovered vulnerabilities with actionable fixes:

### Vulnerabilities
| Severity | Type | Location | Fix |
|----------|------|----------|-----|
| Critical | SQL Injection | file:line | Use parameterized query |
| ... | ... | ... | ... |

Dependency Vulnerabilities

Output from Composer's security audit showing vulnerable packages:

### Dependency Vulnerabilities
<output from composer audit>

Configuration Issues

Checklist of common configuration problems:

### Configuration Issues
- [ ] APP_DEBUG enabled in production
- [ ] Secure cookies not configured
- ...

Recommendations

Prioritized list of security improvements:

### Recommendations
1. ...
2. ...

Authentication Security Checks

When focusing on authentication (/security:audit auth), the audit examines:

  • Password hashing - Verifies bcrypt/argon2 usage with proper cost factors
  • Session configuration - Checks secure, httponly, and samesite cookie settings
  • Rate limiting - Ensures login endpoints have throttling configured
  • Token expiration - Validates API token and password reset lifetimes
  • 2FA implementation - Reviews two-factor authentication setup if present

Injection Vulnerability Checks

When focusing on injection attacks (/security:audit injection), the audit scans for:

  • SQL injection - Raw queries without parameter binding, unsafe DB::raw() usage
  • Command injection - Unescaped input in exec(), shell_exec(), system() calls
  • LDAP injection - Unvalidated input in LDAP queries
  • NoSQL injection - Unsafe MongoDB or Redis query construction

XSS Vulnerability Checks

When focusing on cross-site scripting (/security:audit xss), the audit looks for:

  • Unescaped Blade output - Use of {!! !!} without proper sanitization
  • JavaScript injection - User data embedded in <script> tags
  • DOM-based XSS - Client-side JavaScript that unsafely handles user input
  • Stored XSS - Database fields that store HTML without validation

Security Headers Checks

When focusing on HTTP security headers (/security:audit headers), the audit validates:

  • Security headers configuration - X-Frame-Options, X-Content-Type-Options, X-XSS-Protection
  • CORS settings - Proper Access-Control-Allow-Origin configuration
  • CSP policy - Content Security Policy implementation and strictness
  • HSTS configuration - HTTP Strict Transport Security for HTTPS enforcement

Best Practices

  1. Run regularly - Schedule security audits as part of your CI/CD pipeline
  2. Fix critical issues first - Prioritize vulnerabilities by severity level
  3. Keep dependencies updated - Regularly run composer audit and update packages
  4. Test fixes - Verify security patches don't break functionality
  5. Document exceptions - If you must accept a risk, document why
  6. Use security packages - Install spatie/laravel-csp and enlightn/enlightn for enhanced protection

Common Vulnerabilities Detected

Examples of security issues the audit commonly finds:

SQL Injection Example

// VULNERABLE - Don't do this
DB::select("SELECT * FROM users WHERE email = '" . $email . "'");

// SECURE - Use parameter binding
DB::select("SELECT * FROM users WHERE email = ?", [$email]);

XSS Example

{{-- VULNERABLE - Raw user input rendered without escaping --}}
{!! $userInput !!}

{{-- SECURE - Sanitize before rendering unescaped output (Purifier::clean is provided by an HTML purifier package) --}}
{!! Purifier::clean($userInput) !!}

Insecure Configuration Example

// VULNERABLE - config/session.php
'secure' => false,  // Should be true in production
'http_only' => false,  // Should be true
'same_site' => null,  // Should be 'lax' or 'strict'

// SECURE
'secure' => env('SESSION_SECURE_COOKIE', true),
'http_only' => true,
'same_site' => 'lax',
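The checks listed under the injection, XSS and configuration focus areas, and the three examples above, reduce to pattern matches over source lines. The following Python script is an added illustration of that detection logic, not part of the laravel-agent command itself; the sample files, the rules and the fix strings are constructed for this example, and the regexes are grep-style heuristics rather than the agent's actual analysis.

```python
import re

# Constructed sample files (not from any real project) standing in for what the audit scans.
SAMPLES = {
    "app/Http/Controllers/UserController.php": """
        $rows = DB::select("SELECT * FROM users WHERE email = '" . $email . "'");
        $safe = DB::select("SELECT * FROM users WHERE email = ?", [$email]);
        $out = shell_exec("ping " . $host);
    """,
    "resources/views/profile.blade.php": """
        <p>{{ $user->name }}</p>
        <div>{!! $bio !!}</div>
    """,
    "config/session.php": """
        'secure' => false,
        'http_only' => false,
        'same_site' => null,
    """,
}

# (severity, type, pattern, fix): heuristic rules for the patterns this page names.
RULES = [
    ("Critical", "SQL Injection", re.compile(r'DB::(select|statement|raw)\(\s*"[^"]*"\s*\.\s*\$'), "Use parameterized query"),
    ("Critical", "Command Injection", re.compile(r"\b(exec|shell_exec|system|passthru)\(.*\$"), "Avoid shelling out; use escapeshellarg()"),
    ("High", "Unescaped Blade output", re.compile(r"\{!!\s*\$"), "Use {{ }} or sanitize first"),
    ("Medium", "Insecure session cookie", re.compile(r"'(secure|http_only)'\s*=>\s*false"), "Set to true"),
    ("Medium", "Missing SameSite", re.compile(r"'same_site'\s*=>\s*null"), "Set to 'lax' or 'strict'"),
]

def scan(files):  # returns (severity, type, "path:line", fix) for each matching source line
    findings = []
    for path, source in files.items():
        for lineno, line in enumerate(source.splitlines(), start=1):
            for severity, vtype, pattern, fix in RULES:
                if pattern.search(line):
                    findings.append((severity, vtype, f"{path}:{lineno}", fix))
    return findings

def summary(findings):  # counts per severity, in the order the report prints them
    counts = {"Critical": 0, "High": 0, "Medium": 0, "Low": 0}
    for severity, _, _, _ in findings:
        counts[severity] += 1
    return counts

def render_report(findings):  # Summary and Vulnerabilities sections in the report layout above
    lines = ["## Security Audit Results", "", "### Summary"]
    lines += [f"- {sev}: {n}" for sev, n in summary(findings).items()]
    lines += ["", "### Vulnerabilities", "| Severity | Type | Location | Fix |", "|---|---|---|---|"]
    lines += [f"| {s} | {t} | {loc} | {fix} |" for s, t, loc, fix in findings]
    return "\n".join(lines)
```

The parameterized query on the second controller line is deliberately left unflagged, which is the distinction the SQL injection example above draws.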

Integration with Security Tools

The audit integrates with popular Laravel security packages:

  • spatie/laravel-csp - Content Security Policy middleware
  • enlightn/enlightn - Comprehensive security and performance scanner
  • composer audit - Built-in dependency vulnerability checker

Related Agent

This command uses the laravel-security specialized agent for deep security analysis.
