| name | security-and-hardening |
| description | OWASP-aligned security engineering for all code produced by agents. Use when building any feature that handles user input, authentication, data storage, API endpoints, file uploads, or external integrations. Covers OWASP Top 10, injection prevention, secrets management, CSP, dependency auditing, and security review checklists.
|
| version | 1.0.0 |
| permissions | ["fs.read","fs.write","shell.exec","net.http"] |
| triggers | [{"context":"handling user input"},{"context":"building authentication"},{"context":"building API endpoints"},{"context":"storing sensitive data"},{"context":"file uploads"},{"context":"external API integrations"},{"command":"/review"}] |
| platforms | ["claude-code","cursor","gemini-cli","copilot","codex","opencode","windsurf","kiro"] |
| dependencies | ["test-driven-development@^1.0.0"] |
| model_variants | {"claude":{"enforcement_style":"human-partner collaborative","security_phrasing":"Security is a shared responsibility. Let's review this together before shipping."},"gemini":{"enforcement_style":"structured-checklist","security_phrasing":"SECURITY GATE: ☐ Input validation ☐ Output encoding ☐ Auth checks ☐ Secrets audit ☐ Headers configured"},"gpt":{"enforcement_style":"directive-imperative","security_phrasing":"You MUST validate all inputs, encode all outputs, and verify all auth before declaring this secure."}} |
| author | codehands-core |
| signed | true |
| tier | 1 |