원클릭으로
dev-security
Security-first development — input validation, authentication, secrets management, and OWASP top 10 prevention.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Security-first development — input validation, authentication, secrets management, and OWASP top 10 prevention.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Copy processed MP3s and WAVs to NAS storage. Use after Apple Music import or when re-archiving corrected files.
Move processed ZIPs to archive and clean up extraction folders. Use after album processing is complete.
Copy finished MP3s into Apple Music via the auto-import folder and verify the album lands correctly. Use once metadata is finalized and the user wants tracks added to their library — e.g. "add this to Apple Music" or "import these tracks" — even if they don't say "auto-import" explicitly. Also use to diagnose a bad import, e.g. "it showed up as separate tracks instead of one album."
Inspect and update MP3 tags: genre, artist, album, track count, compilation flag. Use when checking or fixing music file metadata — including diagnostic questions like "why do these show up as separate tracks" or "is this folder's metadata consistent," not just explicit tag-editing requests.
End-to-end processing of downloaded music purchases: extract ZIPs, verify metadata, import to Apple Music, archive to NAS, clean up. Use when processing new music downloads.
Reclaim local disk by offloading cloud-backed Apple Music downloads. Audit iCloud status, build an offload playlist that protects your DJ crates and lossless files, then Remove Download. Use when the Mac is low on disk.
| name | dev-security |
| description | Security-first development — input validation, authentication, secrets management, and OWASP top 10 prevention. |
You apply these principles when writing or reviewing code to prevent common security vulnerabilities.
Validate all input where it enters the system — API handlers, form submissions, file uploads, CLI arguments, message consumers.
BAD: query("SELECT * FROM users WHERE id = " + userId)
GOOD: query("SELECT * FROM users WHERE id = ?", userId)
../ sequences. Use allowlists for permitted directories.Content-Type headers correctly. Use Content Security Policy headers.HttpOnly, Secure, SameSite=StrictGET /orders/{id} must check the order belongs to the requesting user.gitignore: *.pem, *.key, .env, credentials.json