appsec-implementer

Community

Ship one proven security control.

Authornguyenpv1980-wq
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill turns a named application-security requirement into a small, test-proven code change so you can close a specific abuse case without broad refactors or guesswork.

Core Features & Use Cases

  • Test-first security fixes: Write a failing negative test that reproduces the vulnerability, then implement the minimal server-side control until it passes.
  • Scoped control implementation: Apply one decided control at a time, such as input validation, output encoding, parameterized queries, authorization checks, secure cookie flags, safe file handling, SSRF protections, or open redirect allowlists.
  • Evidence-driven delivery: Capture the exact commands, outputs, touched files, and residual risk so reviewers can verify the fix quickly.
  • Use Case: A threat model says an endpoint lacks ownership checks, so you add the authorization guard, prove wrong-tenant access returns 404 or 403, and confirm the surrounding suite stays green.

Quick Start

Use the appsec-implementer skill to add the named security control with a failing-then-passing negative test and a minimal server-side fix.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: appsec-implementer
Download link: https://github.com/nguyenpv1980-wq/Project-Aegis/archive/main.zip#appsec-implementer

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 545,000+ vetted skills library on demand.