security-privacy
Security & Privacy (Pre-flight)
Use when
- Adding/reading/writing user/workspace data.
- Touching identity/auth, permissions, Firebase rules, or external APIs.
- Adding logging, analytics, telemetry, or error reporting.
Workflow
- Identify data: what fields are PII, where stored, retention expectations.
- Identify trust boundaries: browser ↔ Firebase/backend; who can call what.
- Minimize & redact: remove unnecessary fields; ensure logs/errors redact secrets/PII.
- Validate inputs at the edge; keep Domain pure.
- Confirm least privilege: tokens, rules, and access paths.
Output checklist
- No secrets in repo, fixtures, or logs.
- No PII in logs/errors/templates.
- Clear authorization point (not scattered across UI).
- Deletion path does not leave access holes.
More from 7spade/black-tortoise
material-design-3
Material Design 3 (Material You) design system knowledge for modern web and Angular applications. Use when implementing Material Design 3 theming, components, typography, color systems, dynamic color, accessibility patterns, or migrating from Material Design 2. Covers design tokens, theming APIs, and Material You principles.
68architecture-ddd
Domain-Driven Design patterns, layer boundaries (Presentation → Application → Domain ← Infrastructure), tactical patterns (entities, value objects, aggregates, repositories), and event-driven flow guidance. Use when designing new features, refactoring across layers, or enforcing DDD architectural boundaries.
13webapp-testing
Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.
12cohesion-coupling-review
Review a proposed change for high cohesion/low coupling; recommends the smallest boundary-safe refactor (ownership, minimal public surface, no reach-in imports). Use when reviewing code for coupling issues, cross-boundary imports, or excessive dependencies.
10angular-material-cdk-animations
Angular Material + CDK + @angular/animations usage patterns aligned with zoneless + signals-first UI and M3 tokens. Use when implementing Material Design 3 components, accessibility features, animations, overlays, drag-drop, virtual scrolling, or custom UI components using CDK utilities.
10angular-fire
Best practices and code patterns for @angular/fire version 20+, integrating Firestore and Auth with Signals and DDD architecture. Use when implementing Firebase integration, Firestore repositories, or AngularFire Auth in the infrastructure layer.
10