review-security

Analyze code for security vulnerabilities, insecure patterns, and security regressions using strict determination criteria. References the project threat model when available. Returns structured findings without applying fixes. Use when the user asks to "review security", "check for security issues", "find vulnerabilities in my changes", "run a security review", "analyze my code for security", "security audit", or "security scan".