agentic-workflow-security
🔒 Agentic Workflow Security Skill
Purpose
Comprehensive security guidance for GitHub Agentic Workflows implementing the official 5-layer defense-in-depth architecture: read-only tokens, zero secrets in agent, containerized execution with Agent Workflow Firewall (AWF), safe outputs with guardrails, and agentic threat detection.
When to Use
Apply this skill when:
- Designing secure agentic workflows
- Configuring safe-inputs, safe-outputs, and threat detection
- Setting up network firewall rules (AWF)
- Implementing integrity filtering for public repositories
- Responding to security incidents in agentic workflows
Rules
5-Layer Defense-in-Depth Architecture