Audit OAuth security in vestibule
oauth-security-reviewersubagentsetup L2★2
tylerbutler/vestibule ↗What it does
Audit code or design against criteria
Best for
Finding domain-specific issues in technical reviews.
Inputs
- · project context (code/docs/conventions)
- · task assignment with scope
Outputs
- · structured findings or specification document
Requires
- ·
Preconditions
Project code accessible; CLAUDE.md or AGENTS.md defines conventions
Failure modes
- · Missing project conventions — produces generic findings
- · Code too context-dependent — misses subtle domain issues
Trust signals
- · Cites specific file:line for each finding
- · Escalates when blocked vs. proceeding with weak assumptions