Security Checklist

Comprehensive security checklist based on OWASP Top 10 (2021) and industry best practices.

Quick Reference

• /aif-security-checklist — Full audit checklist
• /aif-security-checklist auth — Authentication & sessions
• /aif-security-checklist injection — SQL/NoSQL/Command injection
• /aif-security-checklist xss — Cross-site scripting
• /aif-security-checklist csrf — Cross-site request forgery
• /aif-security-checklist secrets — Secrets & credentials
• /aif-security-checklist api — API security
• /aif-security-checklist infra — Infrastructure security
• /aif-security-checklist prompt-injection — LLM prompt injection
• /aif-security-checklist race-condition — Race conditions & TOCTOU
• /aif-security-checklist ignore <item> — Ignore a specific check item

Config