원클릭으로
security-toolkit
Repository security best-practice reviews, threat modeling, and security ownership analysis.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Repository security best-practice reviews, threat modeling, and security ownership analysis.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Durable cross-provider user and project memory. Must use when asked to remember or persist something, when recording a preference or decision, or after substantial research produces a reusable fact, lesson, or recurring pitfall. Provider-native memory is not a substitute.
Deterministic SARIF reporting and partitioning. Use when inspecting .sarif or .sarif.json static-analysis output, summarizing findings without loading full JSON into chat, or splitting results by rule, path, severity, or balanced chunks.
Nix operational playbooks for package diffs, build debugging, closure analysis, dependency forensics, flake maintenance, and evaluation performance tuning. Use when comparing Nix build outputs, diagnosing derivation failures, finding unexpected runtime/build dependencies, inspecting closure size, maintaining flakes, or profiling slow NixOS/Home Manager/Nixvim evaluation.
GitHub issue discovery, targeted triage, issue creation, pull-request creation, review authoring, review-feedback handling, and CI check-fix workflows using gh CLI. Use for read or write work against GitHub issues, pull requests, reviews, or checks.
Git commit planning, fixup/autosquash, branch cleanup, conflict resolution, regression bisect, and multi-commit change-stack workflows. Use for safe local history operations or deciding how changes should be split, repaired, or validated.
Progressive context-architecture expert for repository instructions, AI prompts, rules, agents, commands, and skills. Use when initializing, designing, refactoring, or auditing AI configuration for clear boundaries and token-efficient disclosure.
| name | security-toolkit |
| description | Repository security best-practice reviews, threat modeling, and security ownership analysis. |
Use only when the user explicitly asks for security analysis:
Pick one mode; load only its reference. If intent is unclear, ask first.
references/prompt-template.md as the output contract.