Created an agent skill based on this blog. Assessing my own repos now.

https://github.com/backnotprop/oss-security-audit