secure-development-policy
Secure Development Policy Skill
Purpose
This skill enforces the Hack23 Secure Development Policy across the CIA platform. It provides actionable guidance for SAST/DAST integration, dependency scanning, code signing, and policy compliance verification in daily development workflows.
When to Use This Skill
Apply this skill when:
- ✅ Reviewing PRs for policy compliance
- ✅ Configuring CI/CD security scanning pipelines
- ✅ Adding or updating dependencies
- ✅ Setting up new development environments
- ✅ Investigating security scan findings
- ✅ Preparing code for release
- ✅ Auditing existing code against policy requirements
Do NOT use for:
- ❌ High-level SDLC planning (use secure-development-lifecycle)
More from hack23/cia
iso-27001-controls
Verify implementation of ISO 27001:2022 information security controls across CIA platform development and operations
15playwright-ui-testing
Playwright browser automation, visual regression testing, accessibility testing, and E2E workflow validation for CIA platform
15ui-ux-design-system
Design system management, Vaadin component library patterns, consistent UI/UX, accessibility integration
15code-quality-checks
Enforce code quality with SonarCloud, CheckStyle, SpotBugs, and maintain quality gates
14business-model-canvas
Business Model Canvas framework for value proposition, customer segments, revenue streams, and sustainable business model design
14legislative-monitoring
Voting pattern analysis, committee effectiveness, bill tracking, parliamentary oversight for Swedish intelligence operations
13