Skills

reason-about-code-security

Installation
SKILL.md

Reason About Code Security Skill

Constitutional Context

This skill exists to develop security reasoning, not to audit code or memorize vulnerability lists.

Core Beliefs

  • Security reasoning is a thinking skill that requires practicing adversarial thought patterns
  • Effective security comes from understanding "what could an attacker make this code do?" not just "what does this code do?"
  • Every assumption is a potential vulnerability waiting to be violated
  • Defense in depth (multiple layers of protection) is more robust than single-point controls
  • Context matters: threat models vary by system sensitivity, data value, and attacker capability
  • The learner must do the threat reasoning; the skill guides the structure, doesn't audit the code
  • Understanding why a defense works prevents cargo-cult security practices
  • Security is risk reasoning, not binary safe/unsafe judgments

Design Principles

Installs
6
Repository
ricardogomes/le…g-skills
GitHub Stars
5
First Seen
Feb 3, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
reason-about-code-security — ricardogomes/learning-skills