name: "🔒 Security PR Checklist"
description: "Use this when your PR touches authentication, file I/O, external API calls, or other sensitive paths."
title: "[Security Review]: "
labels: ["security", "needs-review"]
body:
  - type: markdown
    attributes:
      value: |
        ## Security Pre-Merge Review

        Complete this checklist before requesting review on PRs that touch
        **authentication, file I/O, external API calls, or secrets handling**.

  - type: input
    id: pr-link
    attributes:
      label: Pull Request
      description: Link to the PR being reviewed
      placeholder: "https://forge.alexanderwhitestone.com/Timmy_Foundation/hermes-agent/pulls/XXX"
    validations:
      required: true

  - type: dropdown
    id: change-type
    attributes:
      label: Change Category
      description: What kind of sensitive change does this PR make?
      multiple: true
      options:
        - Authentication / Authorization
        - File I/O (read/write/delete)
        - External API calls (outbound HTTP/network)
        - Secret / credential handling
        - Command execution (subprocess/shell)
        - Dependency addition or update
        - Configuration changes
        - CI/CD pipeline changes
    validations:
      required: true

  - type: checkboxes
    id: secrets-checklist
    attributes:
      label: Secrets & Credentials
      options:
        - label: No secrets, API keys, or credentials are hardcoded
          required: true
        - label: All sensitive values are loaded from environment variables or a secrets manager
          required: true
        - label: Test fixtures use fake/placeholder values, not real credentials
          required: true

  - type: checkboxes
    id: input-validation-checklist
    attributes:
      label: Input Validation
      options:
        - label: All external input (user, API, file) is validated before use
          required: true
        - label: File paths are validated against path traversal (`../`, null bytes, absolute paths)
        - label: URLs are validated for SSRF (blocked private/metadata IPs)
        - label: Shell commands do not use `shell=True` with user-controlled input

  - type: checkboxes
    id: auth-checklist
    attributes:
      label: Authentication & Authorization (if applicable)
      options:
        - label: Authentication tokens are not logged or exposed in error messages
        - label: Authorization checks happen server-side, not just client-side
        - label: Session tokens are properly scoped and have expiry

  - type: checkboxes
    id: supply-chain-checklist
    attributes:
      label: Supply Chain
      options:
        - label: New dependencies are pinned to a specific version range
        - label: Dependencies come from trusted sources (PyPI, npm, official repos)
        - label: No `.pth` files or install hooks that execute arbitrary code
        - label: "`pip-audit` passes (no known CVEs in added dependencies)"

  - type: textarea
    id: threat-model
    attributes:
      label: Threat Model Notes
      description: |
        Briefly describe the attack surface this change introduces or modifies,
        and how it is mitigated.
      placeholder: |
        This PR adds a new outbound HTTP call to the OpenRouter API.
        Mitigation: URL is hardcoded (no user input), response is parsed with strict schema validation.

  - type: textarea
    id: testing
    attributes:
      label: Security Testing Done
      description: What security testing did you perform?
      placeholder: |
        - Ran validate_security.py — all checks pass
        - Tested path traversal attempts manually
        - Verified no secrets in git diff