security-practices

Name: Security Practices
Author: eser

// Security practices including secrets management, input validation, SSRF prevention, and production hardening. Use for security-sensitive code.

تشغيل في Manus

$ git log --oneline --stat

stars:٥٢

forks:٠

updated:٢٢ ديسمبر ٢٠٢٥ في ١٨:٢٣

مستكشف الملفات

2 ملفات

SKILL.md

readonly

name	security-practices
description	Security practices including secrets management, input validation, SSRF prevention, and production hardening. Use for security-sensitive code.

security-practices

Quick Start

All secrets in environment variables (never in config files)
Validate inputs at system boundaries
Sanitize error responses (no stack traces in production)
Use HTTPS for all external connections

Key Principles

Environment variables for all secrets
SSRF prevention (block internal IP ranges)
Development vs Production mode separation
Rigorous input validation

References

See rules.md for complete conventions.

related-skills.json

نفس المستودع

javascript-practices.md

from "eser/rules"

JS/TS conventions for syntax, modules, and types. Use when writing or reviewing JavaScript/TypeScript code.

2025-12-2452

design-principles.md

from "eser/rules"

Code design patterns: pure functions, immutability, composition, and async. Use when designing code or functions.

2025-12-2452

architecture-guidelines.md

from "eser/rules"

System architecture: modules, project structure, ADRs, and testing. Use when designing or reviewing systems.

2025-12-2252

ci-cd-practices.md

from "eser/rules"

CI/CD and operations practices including GitHub Actions, Kubernetes, and operational tooling. Use when working with deployment and infrastructure.

2025-12-2252

coding-practices.md

from "eser/rules"

Code quality practices: error handling, validation, logging, and DRY. Use when writing or reviewing code.

2025-12-2252

eser-rules-manager.md

from "eser/rules"

Manages practice rules. Use when user states a preference or approach, or asks to add/modify rules for coding, architecture, tooling, or best practices.

2025-12-2252

package.json