Security Best Practices

Use this skill when the job is to name one missing security layer and turn it into a bounded hardening brief.

The job is not to dump a giant OWASP list, middleware catalog, or scanner parade. The job is to:

1. frame the surface and risk,
2. choose one primary hardening mode,
3. recommend the smallest credible first slice,
4. name the verification ladder,
5. route adjacent work honestly.

Read these support docs first:

• references/modes-and-boundaries.md
• references/mode-packets-and-route-outs.md
• references/hardening-review-checklist.md
• references/verification-ladder.md