| name | secure-by-design |
| description | Secure by Design principles knowledge base for assessing adherence to security-first design, development, and deployment practices across the software lifecycle - Brought to you by microsoft/hve-core. |
| license | OGL-UK-3.0 AND CC-BY-4.0 |
| user-invocable | false |
| metadata | {"authors":"UK Government Security Group, Australian Signals Directorate (ASD) ACSC","spec_version":"1.0","framework_revision":"1.0.0","last_updated":"2026-03-27","content_based_on":"https://www.security.gov.uk/policy-and-guidance/secure-by-design/principles/ AND https://www.cyber.gov.au/business-government/secure-design/secure-by-design/secure-by-design-foundations"} |
Secure by Design — Skill Entry
This SKILL.md is the entrypoint for the Secure by Design skill.
The skill synthesizes the UK Government Secure by Design Principles (10 principles) and the
Australian ASD/ACSC Secure by Design Foundations (6 foundations) into structured,
machine-readable references that an agent can query to identify, assess, and improve adherence to
secure-by-design practices across the software lifecycle.
Normative references (Secure by Design)
- 00 Principle Index
- 01 Security Governance
- 02 Risk-Driven Approach
- 03 Secure Product Development
- 04 Supply Chain Security
- 05 Usable Security Controls
- 06 Detect and Respond
- 07 Flexible Architecture
- 08 Minimize Attack Surface
- 09 Defense in Depth
- 10 Continuous Assurance
- 11 Secure Deprecation
Skill layout
SKILL.md — this file (skill entrypoint).
references/ — the Secure by Design normative documents.
00-principle-index.md — index of all principle identifiers, categories, source mappings, and cross-references.
01 through 11 — one document per synthesized principle area merging UK and AU guidance.
Third-Party Attribution
UK Government Secure by Design Principles
Australian ASD/ACSC Secure by Design Foundations
🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.