python-security

Python Security Development Guide

Provide a structured approach to building secure Python applications, covering the OWASP Top 10, secure coding patterns, and verification checklists. Apply these guidelines throughout the secure development lifecycle — from threat modeling through deployment.

Secure Development Lifecycle

Phase 1: Threat Modeling and Secure Design

Before writing code, identify and mitigate threats at the design level:

  • Identify trust boundaries — Map where untrusted data enters the system (HTTP requests, file uploads, database reads, environment variables, third-party APIs)
  • Map data flows — Trace sensitive data (credentials, PII, tokens) through the system and verify protection at each stage
  • Enumerate entry points — List all routes, endpoints, CLI arguments, message queue consumers, and cron jobs
  • Map attack surfaces to OWASP Top 10 — Cross-reference each entry point against the OWASP categories in the quick reference table below
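
One way to start the entry-point inventory from the list above, as an added example that is not part of the original guide. It assumes Flask/FastAPI-style route decorators and `argparse` `add_argument` calls; the sample module and the names `ROUTE_ATTRS`, `first_str` and `enumerate_entry_points` are constructed for illustration.

```python
import ast

# Decorator attribute names treated as HTTP route registrations (assumption:
# Flask/FastAPI-style decorators such as @app.route or @router.post).
ROUTE_ATTRS = {"route", "get", "post", "put", "patch", "delete"}

# Constructed sample module, embedded so the example runs offline.
SAMPLE = '''
import argparse
from flask import Flask, request
app = Flask(__name__)
@app.route("/upload", methods=["POST"])
def upload():
    return request.files["f"].filename
@app.get("/health")
def health():
    return "ok"
def helper():          # not an entry point: no route decorator
    return 1
def main():
    p = argparse.ArgumentParser()
    p.add_argument("--config")
    p.parse_args()
'''

def first_str(call):
    """Return the first positional string literal of a call, or None."""
    arg = call.args[0] if call.args else None
    ok = isinstance(arg, ast.Constant) and isinstance(arg.value, str)
    return arg.value if ok else None

def enumerate_entry_points(source):
    """Return sorted (line, kind, name) tuples for routes and CLI arguments."""
    found = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            for dec in node.decorator_list:
                if (isinstance(dec, ast.Call) and isinstance(dec.func, ast.Attribute)
                        and dec.func.attr in ROUTE_ATTRS):
                    found.append((node.lineno, "http-route", first_str(dec) or node.name))
        elif (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr == "add_argument"):
            found.append((node.lineno, "cli-argument", first_str(node) or "?"))
    return sorted(found)

if __name__ == "__main__":
    for line, kind, name in enumerate_entry_points(SAMPLE):
        print(f"{line:>3}  {kind:<13} {name}")
```

The source is parsed, never imported or executed, so the inventory can be run over untrusted or partially broken code bases; message queue consumers and cron jobs still have to be listed from deployment configuration.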

Design with security controls built in:

First Seen
Mar 29, 2026
python-security — jim60105/copilot-prompt