Menu
Security best practices, OWASP Top 10, and secure coding guidelines
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
| name | security |
| description | Security best practices, OWASP Top 10, and secure coding guidelines |
| allowed-tools | ["Read","Glob","Grep","WebSearch"] |
| model | opus |
| triggers | {"files":["**/auth/**","**/security/**","**/*Auth*","**/*Security*","**/.env*"],"keywords":["security","authentication","authorization","OWASP","injection","XSS","CSRF","encryption","password","token","JWT","OAuth"]} |
This skill provides guidelines and best practices.
See ../../rules/11-security.md for detailed documentation.
API Gateway patterns (Kong, Traefik, AWS API Gateway) — rate limiting, auth, routing, versioning. Use when implementing API gateway, reverse proxy, or API management.
Docker & Hadolint validation (2026). Use when working with Docker, containers, or validating Dockerfiles.
Cloudflare Workers, Deno Deploy, Vercel Edge Functions, edge patterns (geo-routing, caching). Use when implementing edge compute, CDN logic, or global low-latency APIs.
GraphQL API design, Apollo Federation, schema stitching, resolvers, N+1 query problem. Use when implementing GraphQL API, federation, or optimizing queries.
Monorepo management (Nx, Turborepo, pnpm workspaces) — task orchestration, caching, code sharing. Use when setting up monorepo, optimizing builds, or managing multi-package projects.
OpenTelemetry, distributed tracing, structured logging, metrics (Prometheus, Grafana, Datadog). Use when implementing monitoring, tracing, or debugging production issues.
