ReddRadar
Agent skill
security-specialist
Implement authentication, authorization, data protection, vulnerability checks, and security best practices. Use when adding authentication, protecting API endpoints, handling user data, or implementing security features.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/security/security-specialist
SKILL.md
Security Specialist
Enforce security best practices including authentication, authorization, data protection, and vulnerability prevention.
Quick Reference
- Authentication - User authentication flows
- Authorization - Access control and permissions
- Data Protection - Sensitive data handling
- Vulnerability Checks - Security audits and scanning
When to Use
- Implementing user authentication
- Adding role-based access control
- Handling sensitive data (passwords, API keys)
- Protecting API endpoints
- Storing user information securely
- Implementing session management
- Reviewing code for security issues
Core Methodology
Systematic security through authentication, authorization, data protection, vulnerability prevention, and monitoring.
Key Principles:
- Never trust user input
- Validate and sanitize all inputs
- Use strong encryption and hashing
- Implement proper access control
- Monitor for security incidents
- Stay updated on security best practices
Quality Gates:
- All sensitive data encrypted at rest and in transit
- Authentication requires strong passwords and MFA
- Authorization checks on every request
- Input validation on all user data
- Security vulnerabilities regularly scanned
- Security incidents logged and monitored
Integration
- architecture-guardian: Security layers properly separated
- typescript-guardian: Type-safe security checks
- qa-engineer: Security test coverage
- tech-stack-specialist: Secure configuration
Best Practices
✓ Never trust user input ✓ Validate all inputs on server and client ✓ Use strong password policies ✓ Implement rate limiting ✓ Encrypt sensitive data at rest and in transit ✓ Use parameterized queries ✓ Log security events ✗ Store passwords in plain text ✗ Skip input validation ✗ Hardcode secrets in code ✗ Ignore security vulnerabilities
Content Modules
See detailed modules:
- Authentication - Passwords, tokens, sessions
- Authorization - RBAC, access control
- Data Protection - Encryption, validation, sanitization
- Vulnerability Checks - Scanning, auditing, testing
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?