tzurot-security
Security Skill - Tzurot v3
Use this skill when: Handling secrets, user input, file uploads, AI providers, admin commands, or when security concerns arise.
Quick Reference
# Pre-commit secret check
git diff --cached | grep -iE '(password|secret|token|api.?key|postgresql://|redis://)'
# Audit dependencies
npm audit --audit-level=moderate
# View Railway secrets (values hidden)
railway variables --service <name>
🚨 Tier 1: Core Security (MUST FOLLOW)
More from lbds137/tzurot
tzurot-council-mcp
Multi-perspective AI consultation. Invoke with /tzurot-council-mcp for major refactors (>500 lines), structured debugging after failed attempts, or when a technical decision has multiple viable approaches.
17tzurot-testing
Testing procedures. Invoke with /tzurot-testing for test execution, coverage audits, and debugging test failures.
16tzurot-deployment
Railway deployment procedures. Invoke with /tzurot-deployment for deploying, checking logs, and troubleshooting.
16tzurot-docs
Session workflow procedures. Invoke with /tzurot-docs for session start/end, CURRENT.md/BACKLOG.md management.
14tzurot-git-workflow
Git workflow procedures. Invoke with /tzurot-git-workflow for commit, PR, and release procedures.
13tzurot-tooling
MUST invoke when: adding CLI commands, creating dev scripts, or using pnpm ops commands. Contains ops CLI reference and script organization.
1