feat(agents): add security-reviewer agent with OWASP-aligned skill delegation #794

@katriendg

Description

Summary

Create the security-reviewer.agent.md thin orchestrator agent under .github/agents/security/. The agent classifies codebases by technology signals, maps signals to available OWASP skills, delegates per-skill vulnerability assessment to subagents via inline prompt templates, and consolidates findings into structured reports written to .copilot-tracking/security/.

Design adapted from JasonTheDeveloper's vulnerability-scanner.agent.md (owasp-skills repo), proven to reduce context window usage from 93% to 71% via per-skill subagent delegation.

Related Work

Acceptance Criteria

  • .github/agents/security/security-reviewer.agent.md exists with valid frontmatter
    • name: Security Reviewer
    • description ends with - Brought to you by microsoft/hve-core
    • tools: includes read_file, list_dir, file_search, grep_search, semantic_search, create_file, runSubagent
  • Agent body implements the 4-step orchestration flow:
    1. Discover the Codebase — scan for technology signals via file_search, grep_search, list_dir
    2. Select Skills via Routing Table — map detected signals to skills
    3. Delegate Each Skill to a Sub-Agent — spawn runSubagent per skill with inline prompt template
    4. Collate Results and Generate Report — aggregate findings, write to .copilot-tracking/security/
  • Signal-to-skill routing table maps:
    • Web frameworks/APIs → owasp-top-10
    • LLM integration (OpenAI, Azure OpenAI, Anthropic, LangChain, Semantic Kernel) → owasp-llm
    • Agentic patterns (tool-calling, MCP configs, agent files) → owasp-agentic
  • Inline subagent prompt template includes:
    • Skill name and path placeholders
    • Codebase profile injection
    • Structured output contract (Skill Metadata + Findings Table + Detailed Remediation)
    • Status taxonomy: PASS / FAIL / PARTIAL / NOT_ASSESSED
    • Severity taxonomy: CRITICAL / HIGH / MEDIUM / LOW
  • Behavioral rule enforced: agent NEVER reads vulnerability reference files directly — always delegates to subagents
  • Report output follows the standardized template:
    • Executive Summary → Summary Counts → Severity Breakdown → Findings by Framework → Detailed Remediation
    • [!CAUTION] disclaimer at top of every report
    • Written to .copilot-tracking/security/{date}/security-review-{scope}.md
  • Agent supports both auto-classification mode and domain-specific mode:
    • Auto: scan codebase, select all relevant skills
    • Domain-specific: skip classification when invoked via domain prompts
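
The discover/select steps and the two invocation modes above, worked as an added example. This is not code from hve-core or from the owasp-skills repo: the concrete signal regexes, the in-memory file tree, and the function names are assumptions, standing in for the evidence the agent would gather with file_search, grep_search and list_dir. The routing table itself follows the three signal-to-skill rows in the acceptance criteria.

```python
"""Signal-to-skill routing for a security-reviewer style orchestrator (illustrative)."""
import re
from dataclasses import dataclass

SKILL_ROOT = ".github/skills/security"
# Fixed evaluation order so the selected skill list is deterministic.
SKILL_ORDER = ("owasp-top-10", "owasp-llm", "owasp-agentic")


@dataclass(frozen=True)
class Rule:
    path_patterns: tuple = ()     # regexes over the repo-relative path
    content_patterns: tuple = ()  # regexes over file content (case-insensitive)


# Routing table from the acceptance criteria; the regexes are assumed signal lists.
ROUTING_TABLE = {
    "owasp-top-10": Rule(  # web frameworks / APIs
        content_patterns=(r"\b(express|fastapi|flask|django|Microsoft\.AspNetCore|spring-boot)\b",),
    ),
    "owasp-llm": Rule(  # LLM SDK integration
        content_patterns=(r"\b(openai|Azure\.AI\.OpenAI|anthropic|langchain|semantic[-_]?kernel)\b",),
    ),
    "owasp-agentic": Rule(  # agent files, MCP configs, tool-calling
        path_patterns=(r"\.agent\.md$", r"(^|/)mcp\.json$"),
        content_patterns=(r"\btool_calls?\b|\btool_choice\b|\"mcpServers\"",),
    ),
}


def discover(tree: dict) -> dict:
    """Codebase profile: skill -> sorted evidence ("path" or "path: matched text")."""
    evidence = {skill: set() for skill in SKILL_ORDER}
    for path, content in tree.items():
        for skill, rule in ROUTING_TABLE.items():
            if any(re.search(p, path) for p in rule.path_patterns):
                evidence[skill].add(path)
            for pattern in rule.content_patterns:
                m = re.search(pattern, content, re.IGNORECASE)
                if m:
                    evidence[skill].add(f"{path}: {m.group(0)}")
    return {skill: sorted(ev) for skill, ev in evidence.items() if ev}


def select_skills(profile: dict) -> list:
    """Only skills with at least one signal are delegated to a subagent."""
    return [s for s in SKILL_ORDER if s in profile]


def skill_path(skill: str) -> str:
    return f"{SKILL_ROOT}/{skill}/"


def plan_review(tree: dict = None, domain_skills=None) -> dict:
    """Auto mode classifies the tree; domain-specific mode skips classification."""
    if domain_skills is not None:
        skills, profile = list(domain_skills), {}
    else:
        profile = discover(tree or {})
        skills = select_skills(profile)
    unknown = [s for s in skills if s not in ROUTING_TABLE]
    if unknown:
        raise ValueError(f"no skill available for: {unknown}")
    return {"profile": profile, "skills": skills,
            "skill_paths": [skill_path(s) for s in skills]}


# Constructed sample trees, not real repositories.
SAMPLE_TREE = {
    "package.json": '{"dependencies": {"express": "^4.19.2", "openai": "^4.52.0"}}',
    "src/server.js": "const express = require('express');\nconst app = express();\n",
    "src/assistant.js": "const r = await client.chat.completions.create({ model, messages, tools, tool_choice: 'auto' });\n",
    ".vscode/mcp.json": '{"servers": {"fs": {"command": "npx", "args": ["@modelcontextprotocol/server-filesystem", "."]}}}',
}
CONSOLE_TREE = {
    "Program.cs": 'Console.WriteLine("hello");\n',
    "app.csproj": '<Project Sdk="Microsoft.NET.Sdk" />',
}

if __name__ == "__main__":
    print(plan_review(SAMPLE_TREE))
    print(plan_review(CONSOLE_TREE))
    print(plan_review(domain_skills=["owasp-llm"]))
```

The profile returned by discover is what the acceptance criteria call the codebase profile to inject into each subagent prompt; keeping the matched text alongside the path lets the subagent see why it was spawned without the orchestrator reading any vulnerability reference files itself.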

Design Reference

| Aspect | Detail |
|---|---|
| Source pattern | JasonTheDeveloper's vulnerability-scanner.agent.md |
| Tool names | hve-core conventions: grep_search, semantic_search, file_search, read_file, list_dir, create_file, runSubagent |
| Skill paths | .github/skills/security/{skill-name}/ |
| Report output | .copilot-tracking/security/{date}/security-review-{scope}.md |
| Subagent strategy | Inline prompt templates (no separate subagent file for MVP) |

Output Format

Two-layer status model for MVP:

Assessment Status (per-vulnerability): PASS, FAIL, PARTIAL, NOT_ASSESSED
Severity (FAIL and PARTIAL only): CRITICAL, HIGH, MEDIUM, LOW

Full multi-layer taxonomy deferred to Phase 2.
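
The collate-and-report step and the two-layer status model, worked as an added example that is not hve-core code. It enforces the rule that severity is present only on FAIL and PARTIAL findings, then renders the report sections in the order the acceptance criteria list, with the [!CAUTION] callout first and the .copilot-tracking path. The Finding fields, the disclaimer wording and the sample findings are assumptions about what a subagent's structured output would contain.

```python
"""Collate per-skill subagent findings into a security-review report (illustrative)."""
from collections import Counter
from dataclasses import dataclass
from typing import Optional

STATUSES = ("PASS", "FAIL", "PARTIAL", "NOT_ASSESSED")
SEVERITIES = ("CRITICAL", "HIGH", "MEDIUM", "LOW")
SEVERITY_REQUIRED = {"FAIL", "PARTIAL"}  # the only statuses that carry a severity


@dataclass(frozen=True)
class Finding:
    skill: str                       # e.g. "owasp-top-10"
    check: str                       # vulnerability or control assessed
    status: str
    severity: Optional[str] = None
    remediation: str = ""


def validate(f: Finding) -> Finding:
    """Reject anything outside the two-layer model before it reaches the report."""
    if f.status not in STATUSES:
        raise ValueError(f"{f.skill}/{f.check}: unknown status {f.status!r}")
    if f.status in SEVERITY_REQUIRED:
        if f.severity not in SEVERITIES:
            raise ValueError(f"{f.skill}/{f.check}: {f.status} requires a severity")
    elif f.severity is not None:
        raise ValueError(f"{f.skill}/{f.check}: severity not allowed on {f.status}")
    return f


def summarize(findings):
    """Summary counts per status, severity breakdown over FAIL/PARTIAL only."""
    by_status = Counter(f.status for f in findings)
    by_severity = Counter(f.severity for f in findings if f.status in SEVERITY_REQUIRED)
    return ({s: by_status.get(s, 0) for s in STATUSES},
            {s: by_severity.get(s, 0) for s in SEVERITIES})


def report_path(scope: str, date: str) -> str:
    return f".copilot-tracking/security/{date}/security-review-{scope}.md"


def render_report(findings, scope: str, date: str) -> str:
    findings = [validate(f) for f in findings]
    status_counts, severity_counts = summarize(findings)
    skills = sorted({f.skill for f in findings})
    lines = [
        "> [!CAUTION]",  # assumed disclaimer wording
        "> AI-generated assessment. Verify every finding before acting on it.",
        "",
        f"# Security Review: {scope} ({date})",
        "",
        "## Executive Summary",
        f"{len(findings)} checks across {len(skills)} skills; "
        f"{status_counts['FAIL']} failed, {status_counts['PARTIAL']} partial.",
        "",
        "## Summary Counts",
        *[f"- {s}: {n}" for s, n in status_counts.items()],
        "",
        "## Severity Breakdown",
        *[f"- {s}: {n}" for s, n in severity_counts.items()],
        "",
        "## Findings by Framework",
    ]
    for skill in skills:
        lines += ["", f"### {skill}", "", "| Check | Status | Severity |", "|---|---|---|"]
        lines += [f"| {f.check} | {f.status} | {f.severity or '-'} |"
                  for f in findings if f.skill == skill]
    lines += ["", "## Detailed Remediation"]
    rank = {s: i for i, s in enumerate(SEVERITIES)}  # CRITICAL first
    for f in sorted((f for f in findings if f.status in SEVERITY_REQUIRED),
                    key=lambda f: rank[f.severity]):
        lines += ["", f"### [{f.severity}] {f.skill}: {f.check}", f.remediation]
    return "\n".join(lines) + "\n"


# Constructed sample findings, as three subagents might return them.
SAMPLE_FINDINGS = [
    Finding("owasp-top-10", "A03:2021 Injection", "FAIL", "HIGH",
            "Replace string-built SQL in src/db.js with parameterized queries."),
    Finding("owasp-top-10", "A02:2021 Cryptographic Failures", "PASS"),
    Finding("owasp-llm", "LLM01 Prompt Injection", "PARTIAL", "MEDIUM",
            "Keep retrieved documents out of the system prompt; treat them as untrusted input."),
    Finding("owasp-agentic", "Tool permission scoping", "NOT_ASSESSED"),
]

if __name__ == "__main__":
    print(report_path("sample-repo", "2025-01-15"))
    print(render_report(SAMPLE_FINDINGS, "sample-repo", "2025-01-15"))
```

Validating at collation time matters because each subagent fills the output contract independently; a PASS with a stray severity, or a FAIL without one, would otherwise distort the severity breakdown silently.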

Dependencies

Metadata

Labels

  • agents: Custom chat agents (.agent.md)
  • feature: New feature triggering minor version bump
  • security: Security-related changes or concerns
