security-patterns

Installation

SKILL.md

Contains Hooks

This skill uses Claude hooks which can execute code automatically in response to events. Review carefully before installing.

Security Patterns

Comprehensive security patterns for building hardened applications. Each category has individual rule files in rules/ loaded on-demand.

Quick Reference

Category	Rules	Impact	When to Use
Authentication	3	CRITICAL	JWT tokens, OAuth 2.1/PKCE, RBAC/permissions
Defense-in-Depth	2	CRITICAL	Multi-layer security, zero-trust architecture
Input Validation	3	HIGH	Schema validation (Zod/Pydantic), output encoding, file uploads
OWASP Top 10	2	CRITICAL	Injection prevention, broken authentication fixes
LLM Safety	3	HIGH	Prompt injection defense, output guardrails, content filtering
PII Masking	2	HIGH	PII detection/redaction with Presidio, Langfuse, LLM Guard
Scanning	3	HIGH	Dependency audit, SAST (Semgrep/Bandit), secret detection
Advanced Guardrails	2	CRITICAL	NeMo/Guardrails AI validators, red-teaming, OWASP LLM

Total: 20 rules across 8 categories

Related skills

More from yonatangross/orchestkit

responsive-patterns
Responsive design with Container Queries, fluid typography, cqi/cqb units, subgrid, intrinsic layouts, foldable devices, and mobile-first patterns for React applications. Use when building responsive layouts or container queries.
492
ui-components
UI component library patterns for shadcn/ui and Radix Primitives. Use when building accessible component libraries, customizing shadcn components, using Radix unstyled primitives, or creating design system foundations.
477
devops-deployment
Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub Actions, Docker, Helm, and Terraform patterns.
453
rag-retrieval
Retrieval-Augmented Generation patterns for grounded LLM responses. Use when building RAG pipelines, embedding documents, implementing hybrid search, contextual retrieval, HyDE, agentic RAG, multimodal RAG, query decomposition, reranking, or pgvector search.
374
architecture-decision-record
Use this skill when documenting significant architectural decisions. Provides ADR templates following the Nygard format with sections for context, decision, consequences, and alternatives. Use when writing ADRs, recording decisions, or evaluating options.
369
domain-driven-design
DDD tactical patterns for complex business modeling including entities, value objects, aggregates, domain services, repositories, specifications, and bounded contexts. Python dataclass implementations with TypeScript alternatives. Use when building rich domain models, enforcing invariants, or separating domain logic from infrastructure.
356

Installs

333

Repository

yonatangross/orchestkit

GitHub Stars

170

First Seen

Feb 14, 2026

Security Audits

Gen Agent Trust HubPass