security-engineering

Safe

Apply Security Engineering Best Practices

Also available from: Joseph OBrien

Design secure systems and implement robust security controls. This skill provides comprehensive guidance on security architecture, authentication, authorization, and compliance frameworks.

Supports: Claude, Codex, Code (CC)
📊 69 Adequate

1. Download the skill ZIP
2. Upload to Claude: go to Settings → Capabilities → Skills → Upload skill
3. Enable it and start using it

Try it

Using "security-engineering". How do I prevent SQL injection in my Python application?

Expected result:

  • Use parameterized queries with placeholders instead of string concatenation
  • Example: cursor.execute('SELECT * FROM users WHERE id = %s', (user_id,))
  • Never interpolate user input directly into SQL strings
  • Use the SQLAlchemy ORM, which uses parameterized queries by default
  • Implement input validation as a secondary defense layer

Security audit

Safe
v3 • 1/10/2026

Pure markdown knowledge-base skill with no executable code. Contains only informational content about security engineering topics.

  • Files scanned: 1
  • Lines analyzed: 228
  • Findings: 0
  • Total audits: 3

No security issues found

Quality score

  • Architecture: 38
  • Maintainability: 100
  • Content: 81
  • Community: 23
  • Security: 100
  • Specification compliance: 87

What you can build

Build Secure Applications

Apply secure coding practices and implement proper authentication, authorization, and input validation in your code.

Design Security Frameworks

Create defense-in-depth architectures and zero trust models for enterprise systems.

Implement Security Controls

Integrate security testing, compliance checks, and monitoring into CI/CD pipelines.

Try these prompts

Architecture Review
Review my system architecture for security gaps using the defense-in-depth approach. Identify weaknesses in each layer from perimeter to data.
AuthZ Design
Design an access control system for my application. Should I use RBAC or ABAC? Show implementation examples with least privilege principles.
Threat Model
Conduct threat modeling using STRIDE for my e-commerce checkout flow. What are the main risks and how do I mitigate them?
Compliance Check
What security controls do I need to implement for SOC2 compliance? Show the key policies and technical requirements.

Best practices

  • Apply defense-in-depth with security controls at multiple layers
  • Follow zero trust principles: never trust, always verify
  • Implement least privilege access for all system components

Avoid

  • Storing secrets in environment variables without rotation
  • Skipping input validation on the client side
  • Using deprecated password-hashing methods like MD5

Frequently asked questions

What AI tools support this skill?
This skill works with Claude, Codex, and Claude Code. It provides guidance applicable across all major AI coding assistants.
Does this skill perform security scans?
No. This skill provides guidance and patterns. You need separate tools like Semgrep, OWASP ZAP, or Snyk for actual security scanning.
Can this skill help with compliance audits?
Yes. It outlines control requirements for SOC2, HIPAA, PCI-DSS, GDPR, and ISO 27001. It does not replace formal audit processes.
Is my data safe when using this skill?
Yes. This is a prompt-based skill with no code execution. No data leaves your environment. All processing happens within your AI tool.
Why are my security recommendations not working?
Ensure you are providing enough context about your system. Complex environments may require multiple prompt iterations to cover all aspects.
How does this compare to other security tools?
This skill provides strategic guidance and patterns. Tools like SAST/DAST scanners provide automated detection. Use both together for comprehensive coverage.

Developer details

File structure

📄 SKILL.md