security
Security Skill
Version: 1.0 Source: Security Standards
Security must be built in from the start, not bolted on later. These standards apply to all code that handles user data, authentication, or external input.
The Problem
AI agents default to making code work, not making it safe. Without explicit security standards, each session takes the shortest path — string concatenation for queries, hardcoded secrets for convenience, broad permissions for speed. These aren't malicious choices; they're the path of least resistance when security isn't in the prompt. These standards make secure patterns the default path.
Consumption
- Builders: Read
## Builder Checklistbefore writing any code that touches user input, auth, or external services. Security must be designed in, not patched after. - Refactorers: Use
## Enforced Rulesto find security violations. Read narrative sections for remediation guidance. - Both: Narrative sections are the authoritative standard. Checklist and rules table are compressed views of the same content.
More from alexanderstephenthompson/claude-hub
unity-csharp
C# patterns for Unity - MonoBehaviour, async, architecture, and VR/mobile performance optimization
50design
Design and UI standards for accessibility, semantic HTML, and responsive layouts
36architecture
Architecture principles, module boundaries, folder structure, and project type profiles
34vrc-udon
VRChat Udon and UdonSharp patterns - networking, sync, interactions
33data-python
Python patterns for data processing - pandas, polars, pyspark
33web-performance
Performance patterns for Apollo caching, Redis, and CloudFront optimization
33