Agent skill

security-gate

Enforce minimum security criteria before iteration close or release

View SKILL.md on GitHub Repository

Stars 107

Forks 15

Install this agent skill to your Project

npx add-skill https://github.com/jmagly/aiwg/tree/main/agentic/code/frameworks/sdlc-complete/skills/security-gate

SKILL.md

Security Gate (SDLC)

Criteria

Approved threat model with mitigations or accepted risks
Zero open critical vulnerabilities; highs triaged with owners/dates
SBOM generated and reviewed (if applicable)
Secrets policy verified; no hardcoded secrets

Output

security-gate-report.md with pass/fail and remediation tasks

References

@$AIWG_ROOT/agentic/code/addons/aiwg-utils/rules/vague-discretion.md — Gate criteria must be concrete and verifiable (zero open criticals, SBOM present); never "acceptable risk" without documentation
@$AIWG_ROOT/agentic/code/addons/aiwg-utils/rules/human-authorization.md — Fail the gate and escalate to human; do not autonomously accept or close security findings
@$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/rules/token-security.md — Token security policy this gate verifies (no hardcoded secrets)
@$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/skills/security-audit/SKILL.md — Upstream audit skill whose findings feed into this gate's pass/fail evaluation
@$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/skills/check-traceability/SKILL.md — Traceability verification that may be required as a security gate prerequisite

Maintainer

jmagly Core maintainer

Source details

Full Name: jmagly/aiwg
Branch: main
Path in repo: agentic/code/frameworks/sdlc-complete/skills/security-gate
License: MIT License
Topics: claude-code anthropic workflow-automation developer-tools agentic-coding prompt-engineering autonomous-agents multi-agent orchestration sdlc

Featured Tools

Join Our Newsletter

Stay updated with the latest AI tools, news, and offers by subscribing to our weekly newsletter.

Recommended Agent Skills

Expand your agent's capabilities with these related and highly-rated skills.

jmagly/aiwg

research-document

Generate summaries and literature notes from research papers

107 15

Explore

jmagly/aiwg

research-archive

Package research artifacts for long-term archival

107 15

Explore

jmagly/aiwg

research-cite

Format citations and generate bibliographies

107 15

Explore

jmagly/aiwg

induct-research

Induct research sources into a research repository. Point at an issue, a single file, a directory of papers, or a URI and the skill reads, annotates, and files structured induction tasks — one per source. Similar to address-issues but for research corpora instead of code backlogs.

107 15

Explore

jmagly/aiwg