security-review-openai
Security Best Practices
Overview
This skill provides a description of how to identify the language and frameworks used by the current context, and then to load information from this skill's references directory about the security best practices for this language and or frameworks.
This information, if present, can be used to write new secure by default code, or to passively detect major issues within existing code, or (if requested by the user) provide a vulnerability report and suggest fixes.
Workflow
The initial step for this skill is to identify ALL languages and ALL frameworks which you are being asked to use or already exist in the scope of the project you are working in. Focus on the primary core frameworks. Often you will want to identify both frontend and backend languages and frameworks.
Then check this skill's references directory to see if there are any relevant documentation for the language and or frameworks. Make sure you read ALL reference files which relate to the specific framework or language. The format of the filenames is <language>-<framework>-<stack>-security.md. You should also check if there is a <language>-general-<stack>-security.md which is agnostic to the framework you may be using.
If working on a web application which includes a frontend and a backend, make sure you have checked for reference documents for BOTH the frontend and backend!
If you are asked to make a web app which will include both a frontend and backend, but the frontend framework is not specified, also check out javascript-general-web-frontend-security.md. It is important that you understand how to secure both the frontend and backend.
If no relevant information is available in the skill's references directory, think a little bit about what you know about the language, the framework, and all well known security best practices for it. If you are unsure you can try to search online for documentation on security best practices.
More from lawvable/awesome-legal-skills
contract-review-anthropic
Review contracts against your organization's negotiation playbook, flagging deviations and generating redline suggestions. Use when reviewing vendor contracts, customer agreements, or any commercial agreement where you need clause-by-clause analysis against standard positions.
103mediation-dispute-analysis
Use this skill whenever a lawyer or mediator needs help analyzing a dispute for mediation purposes. This includes: reviewing case materials (pleadings, contracts, correspondence, evidence) to identify issues in dispute, summarizing each party's position and interests, conducting legal analysis of the key issues, proposing mediation strategies or settlement directions, and preparing for mediation sessions. Trigger this skill when the user mentions 'mediation', 'dispute analysis', 'settlement', 'dispute resolution', 'identify issues in dispute', 'party positions', 'mediation brief', 'case analysis for mediation', 'ADR', 'mediation preparation', 'caucus strategy', 'settlement options', or any request to analyze a conflict between two or more parties with the goal of finding resolution. Also trigger when the user uploads case files and asks for a structured breakdown of who wants what, what the core disagreements are, or how the case might settle. Even if the user doesn't explicitly say 'mediation', trigger when the context involves analyzing opposing positions in a dispute with a resolution-oriented (rather than litigation-oriented) goal.
86legal-simulation-patrick-munro
Framework for demonstrating AI capabilities in legal contexts. Provides detailed personas across tenant law, business contracts, startup disputes, employment claims, and consumer protection with progressive complexity scenarios. Use when: (1) Demonstrating AI-powered legal triage or intake systems, (2) Showcasing responsible AI-assisted client interactions, (3) Training staff on appropriate AI use in legal contexts, (4) Creating realistic scenarios for legal tech presentations, (5) Developing educational materials about AI in legal services, or (6) Testing AI-powered legal information systems in controlled environments.
82tech-contract-negotiation-patrick-munro
Guide to negotiating technology services agreements, professional services contracts, and commercial B2B transactions. Provides three-position frameworks (provider-favorable, balanced, client-favorable), deal-size tactics, objection handling templates, and concession roadmaps. Use when: (1) Developing negotiation strategies for SaaS, cloud, or managed services agreements, (2) Preparing position papers and fallback positions, (3) Responding to counterparty objections and demands, (4) Creating concession roadmaps that protect critical interests, (5) Assessing tactics based on deal value and leverage, or (6) Structuring balanced outcomes for liability, IP, payment, SLA, or warranty provisions.
81privacy-policy-malik-taiar
Guide for drafting privacy policies compliant with GDPR. Includes CNIL 2020 recommendations, a reference template, and best practices. Use when drafting or revising a privacy policy for a website or application.
77xlsx-processing-manus
Professional Excel spreadsheet creation with a focus on aesthetics and data analysis. Use when creating spreadsheets for organizing, analyzing, and presenting structured data in a clear and professional format.
73