一键导入
codeguard-mcp-meta-skill
Instructs AI coding agents to invoke CodeGuard MCP Server security rules before writing or reviewing code.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Instructs AI coding agents to invoke CodeGuard MCP Server security rules before writing or reviewing code.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | CodeGuard MCP Meta Skill |
| description | Instructs AI coding agents to invoke CodeGuard MCP Server security rules before writing or reviewing code. |
When writing, reviewing, or modifying code, you MUST invoke the CodeGuard MCP Server to retrieve relevant security rules. This is a non-optional security requirement.
IMPORTANT: IF YOU ARE NOT ABLE TO SEE/INVOKE CODEGUARD TOOLS, IMMEDIATELY INFORM THE USER
The CodeGuard MCP Server exposes security rules as individual tools. Each tool returns comprehensive security guidance for specific scenarios.
Tool Invocation Pattern:
Tool: {rule_tool_name}
Arguments: None (tools automatically include metadata)
Returns: Complete security guidance with rule ID, description, and content
Before any coding activity:
codeguard_.If you cannot discover/invoke CodeGuard tools, stop and inform the user.
codeguard_1_*MANDATORY: Before writing/reviewing/modifying code, invoke every available tool whose name contains:
codeguard_1_These are "always-on" guardrails and must be enforced regardless of language or domain.
codeguard_0_*After invoking codeguard_1_*, decide which codeguard_0_* tools to invoke by using the tool descriptions plus your current task context.
Infer from one or more of:
.py, .js, .ts, .yaml, .yml, .Dockerfile, etc.)Use the tool descriptions to map the task to domains such as auth, API/web services, input validation, storage, file handling, DevOps/IaC, privacy, logging/monitoring, XML/serialization, mobile, etc.
For each available codeguard_0_* tool:
If uncertain and the change is security-sensitive, err on the side of invoking the relevant codeguard_0_* tools (while avoiding clearly unrelated tools).
When you implement changes:
In your response to the user, explicitly state:
codeguard_1_* plus the selected codeguard_0_*)If you are about to write/review/modify code and you have not invoked CodeGuard tools per this meta rule, stop and invoke them first.
A CodeGuard security skill that helps AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
Guide secure migration of code from memory-unsafe languages (C, C++, Assembly) to memory-safe languages (Rust, Go, Java, C#, Swift). Use when migrating or rewriting legacy C/C++ code, designing FFI boundaries between safe and unsafe code, writing new modules in existing C/C++ codebases, reviewing mixed-language projects, planning memory safety roadmaps, or when an AI agent is about to generate new C/C++ code that could be written in a memory-safe language instead. Also triggers on CISA/NSA memory safety compliance discussions.
Comprehensive security code review workflow for a target repository, producing a markdown report with findings and recommendations.