cybersecurity_skill

This skill helps you enforce secure by design practices across authentication, authorization, encryption, and risk-based defenses for applications and data.
  • Python

21

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill omer-metin/skills-for-antigravity --skill cybersecurity

  • SKILL.md2.2 KB

Overview

This skill provides practical security engineering guidance to protect applications, data, and users from real-world threats. It focuses on risk-based decisions, secure defaults, and automated patterns that reduce common vulnerabilities. Responses are grounded in the curated patterns, sharp edges, and validation rules referenced by the skill.

How this skill works

When asked, the skill inspects architecture, authentication flows, authorization models, storage of secrets, and common input handling patterns to identify risk. It maps findings to prescriptive mitigations from the patterns reference, explains root causes using the sharp edges guidance, and validates suggested changes against the validations rules. Recommendations emphasize automation, defense in depth, least privilege, and fail-secure defaults.

When to use it

  • Designing or reviewing authentication and authorization (JWT, OAuth, sessions)
  • Harden input handling to prevent XSS, SQL injection, CSRF, and similar vulnerabilities
  • Assessing secrets management, encryption at rest and in transit, and key lifecycle
  • Building incident response plans, audit controls, and compliance checklists
  • Evaluating permissions, RBAC/ABAC policies, and least-privilege enforcement

Best practices

  • Follow referenced secure patterns for common flows instead of ad-hoc fixes
  • Automate detection and remediation where possible (CI checks, linters, secrets scanning)
  • Enforce least privilege for services and users; avoid broad roles or long-lived secrets
  • Fail secure by default: deny access when validation or authorization is uncertain
  • Treat security as an iterative process: test, monitor, and refine controls regularly

Example use cases

  • Review an OAuth/JWT implementation and recommend validation, token lifetimes, and revocation patterns
  • Audit web forms and APIs to remove XSS, SQL injection, and CSRF vectors using proven input-handling patterns
  • Design secrets management: rotation, storage, and access controls for cloud-native apps
  • Create an incident response checklist mapped to detection and containment guidance from sharp edges
  • Validate a proposed RBAC model against strict rules to confirm least-privilege enforcement

FAQ

I provide concrete, pattern-based code recommendations and configuration changes, plus validation rules you can apply in CI. You must test and integrate the fixes in your environment.

What if my suggested fix conflicts with an existing pattern?

I prioritize the referenced patterns, sharp edges, and validations. If your change conflicts, I will explain why and propose compliant alternatives.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational