Skip to main content
Jeden Skill in Manus ausführen
mit einem Klick

truestack-application-security

Sterne2
Forks0
Aktualisiert10. Juli 2026 um 17:19

Design and harden the security of a self-hosted app — authentication (OAuth2/OIDC, MFA, passkeys/WebAuthn), authorization (RBAC/ABAC, deny-by-default, IDOR/BOLA/broken-access-control), the OWASP Top 10 (injection, SSRF, misconfiguration), input validation + output encoding, CSRF, password/credential storage (argon2id/bcrypt), security headers/CSP/HSTS, and STRIDE threat modeling. Use whenever the user asks "is this secure" / "secure this app" / "security review", builds a login / sign-in / sign-up / OIDC auth flow, weighs session vs JWT, adds MFA/2FA/passkeys, sets up RBAC/roles/permissions, mentions IDOR/SSRF/CSRF/XSS/SQLi/injection, hashes passwords, manages the app's runtime secrets/API keys/.env (not CI workflow or deploy-pipeline secrets), sets CSP/security headers, threat-models / sizes an attack surface, or asks how to store passwords or credentials safely (storage, retention, or encryption-at-rest of PII/personal data routes to truestack-data-privacy). The DESIGN discipline.

Installation

Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.

Datei-Explorer
2 Dateien
SKILL.md
readonly