security-checklist
Security Checklist for AI Coding Assistants
This is a strict guideline. Follow these rules exactly.
Critical security rules to follow when generating or modifying code.
Never Commit These Files
Environment files with actual values:
.env
.env.local
.env.development
.env.production
.env.test
.env.*
Always commit templates (no actual values):