security-and-hardening
Security and Hardening
Overview
Apply security best practices systematically across the codebase. Prevent OWASP Top 10 vulnerabilities, manage secrets safely, audit dependencies, and enforce boundary validation at all system edges.
When to Use
- Handling user input or external data
- Implementing authentication or authorization
- Storing or transmitting sensitive data
- Integrating with external services
- Before deploying any change to production
OWASP Top 10 Prevention
Injection
- Use parameterized queries for all database access