// Instructs AI coding agents to invoke CodeGuard MCP Server security rules before writing or reviewing code.
Guide secure migration of code from memory-unsafe languages (C, C++, Assembly) to memory-safe languages (Rust, Go, Java, C#, Swift). Use when migrating or rewriting legacy C/C++ code, designing FFI boundaries between safe and unsafe code, writing new modules in existing C/C++ codebases, reviewing mixed-language projects, planning memory safety roadmaps, or when an AI agent is about to generate new C/C++ code that could be written in a memory-safe language instead. Also triggers on CISA/NSA memory safety compliance discussions.
Comprehensive security code review workflow for a target repository, producing a markdown report with findings and recommendations.
A software security skill that integrates with Project CodeGuard to help AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
| name | CodeGuard MCP Meta Skill |
| description | Instructs AI coding agents to invoke CodeGuard MCP Server security rules before writing or reviewing code. |
When writing, reviewing, or modifying code, you MUST invoke the CodeGuard MCP Server to retrieve relevant security rules. This is a non-optional security requirement.
IMPORTANT: IF YOU ARE NOT ABLE TO SEE/INVOKE CODEGUARD TOOLS, IMMEDIATELY INFORM THE USER
The CodeGuard MCP Server exposes security rules as individual tools. Each tool returns comprehensive security guidance for specific scenarios.
Tool Invocation Pattern:
Tool: {rule_tool_name}
Arguments: None (tools automatically include metadata)
Returns: Complete security guidance with rule ID, description, and content
Before any coding activity:
codeguard_.If you cannot discover/invoke CodeGuard tools, stop and inform the user.
codeguard_1_*MANDATORY: Before writing/reviewing/modifying code, invoke every available tool whose name contains:
codeguard_1_These are "always-on" guardrails and must be enforced regardless of language or domain.
codeguard_0_*After invoking codeguard_1_*, decide which codeguard_0_* tools to invoke by using the tool descriptions plus your current task context.
Infer from one or more of:
.py, .js, .ts, .yaml, .yml, .Dockerfile, etc.)Use the tool descriptions to map the task to domains such as auth, API/web services, input validation, storage, file handling, DevOps/IaC, privacy, logging/monitoring, XML/serialization, mobile, etc.
For each available codeguard_0_* tool:
If uncertain and the change is security-sensitive, err on the side of invoking the relevant codeguard_0_* tools (while avoiding clearly unrelated tools).
When you implement changes:
In your response to the user, explicitly state:
codeguard_1_* plus the selected codeguard_0_*)If you are about to write/review/modify code and you have not invoked CodeGuard tools per this meta rule, stop and invoke them first.