securing-code

// REQUIRED after all code implementations. Automatically load when implementation is complete to run CodeGuard security check. Covers input validation, secrets management, OWASP top 10 countermeasures, authentication/authorization patterns, web penetration testing (reconnaissance, attack techniques, bypass methods), and serverless security (IAM/storage/functions across AWS/GCP/Azure, 17 threat categories, supply chain attacks). Use when implementing any code, handling external input, or developing serverless applications (Lambda, Cloud Run, Azure Functions). For dynamic authorization model design (ABAC/ReBAC/Cedar), use implementing-dynamic-authorization instead. For organizational AI development security strategy (trust frameworks, governance, AI-BOM), use securing-ai-development instead. For security logging patterns and compliance logging, use implementing-observability.

name

securing-code

description

REQUIRED after all code implementations. Automatically load when implementation is complete to run CodeGuard security check. Covers input validation, secrets management, OWASP top 10 countermeasures, authentication/authorization patterns, web penetration testing (reconnaissance, attack techniques, bypass methods), and serverless security (IAM/storage/functions across AWS/GCP/Azure, 17 threat categories, supply chain attacks). Use when implementing any code, handling external input, or developing serverless applications (Lambda, Cloud Run, Azure Functions). For dynamic authorization model design (ABAC/ReBAC/Cedar), use implementing-dynamic-authorization instead. For organizational AI development security strategy (trust frameworks, governance, AI-BOM), use securing-ai-development instead. For security logging patterns and compliance logging, use implementing-observability.

詳細な手順・ガイドラインは INSTRUCTIONS.md を参照してください。

name

securing-code

description

詳細な手順・ガイドラインは INSTRUCTIONS.md を参照してください。