secure

Installation
SKILL.md

Security

This skill is for securing your app's code and data. For regulatory compliance (HIPAA, SOC 2, GDPR), use compliance. For pre-launch readiness checks, use go-live. For environment variable setup during deployment, use deploy. For database-level security (Row Level Security), use database.

Don't Do Yet

  • Don't implement OAuth/SSO until you have paying customers who need it. Email + password is fine for launch.
  • Don't buy a pentest until you have 1,000+ users or handle sensitive data (health, finance). This checklist is enough for MVP.
  • Don't set up a Web Application Firewall (WAF) — your hosting platform (Vercel, Railway) handles this. You don't need Cloudflare yet.
  • Don't build your own auth system. Use Supabase Auth, Clerk, or NextAuth. Rolling your own is how breaches happen.

Quick Start

Installs
193
GitHub Stars
222
First Seen
Feb 13, 2026
secure — whawkinsiv/claude-code-superpowers