security-specialist_skill

This skill helps implement authentication, authorization, and data protection with secure practices across endpoints and data handling.
  • TypeScript

0

GitHub Stars

5

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill d-oit/do-novelist-ai --skill security-specialist

  • authentication.md6.3 KB
  • authorization.md5.1 KB
  • data-protection.md6.6 KB
  • SKILL.md2.6 KB
  • vulnerability-checks.md3.3 KB

Overview

This skill implements practical security measures for TypeScript projects, covering authentication, authorization, data protection, and vulnerability checks. It helps teams add secure authentication flows, enforce access control, and protect sensitive data while integrating automated vulnerability scanning. Use it to harden APIs, manage sessions, and ensure consistent security practices across services.

How this skill works

The skill inspects code and configuration to identify missing or weak security controls and offers concrete fixes: password hashing, token handling, session management, and MFA options. It validates input handling, recommends encryption for data at rest and in transit, and integrates vulnerability scans and security logging. Actionable suggestions map to code-level changes, configuration updates, and testing checkpoints.

When to use it

  • Adding or updating user authentication flows (passwords, tokens, sessions)
  • Protecting API endpoints and implementing access control
  • Handling or storing sensitive data like passwords, API keys, or PII
  • Performing security reviews, audits, or automated vulnerability scans
  • Implementing rate limiting, logging, or incident monitoring

Best practices

  • Never trust user input — validate and sanitize on both client and server
  • Use strong, salted hashing for passwords and rotate keys regularly
  • Enforce least privilege with RBAC or attribute-based access control
  • Encrypt sensitive data in transit (TLS) and at rest (AES/GCM or equivalent)
  • Use parameterized queries to prevent SQL injection and implement rate limiting
  • Log security events and monitor for anomalies; maintain incident response playbooks

Example use cases

  • Add JWT-based authentication with refresh tokens and secure cookie storage
  • Introduce role-based access control for admin and user endpoints
  • Migrate plaintext secrets to environment-managed encrypted stores and rotate keys
  • Run automated vulnerability scans and fix high-severity findings before deployment
  • Add input validation and parameterized queries to eliminate injection risks

FAQ

No. It recommends well-supported libraries and patterns for the project language and framework, and provides code-level guidance to integrate them safely.

How does it handle secrets and key management?

It recommends storing secrets in dedicated, encrypted secret stores or environment management, avoiding hardcoded values, and rotating keys regularly. It also suggests access controls for who can read secrets.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational