appsec-implementer
CommunityShip one proven security control.
Software Engineering#authorization#input validation#test-driven development#application security#ssrf#parameterized queries#negative test
Authornguyenpv1980-wq
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill turns a named application-security requirement into a small, test-proven code change so you can close a specific abuse case without broad refactors or guesswork.
Core Features & Use Cases
- Test-first security fixes: Write a failing negative test that reproduces the vulnerability, then implement the minimal server-side control until it passes.
- Scoped control implementation: Apply one decided control at a time, such as input validation, output encoding, parameterized queries, authorization checks, secure cookie flags, safe file handling, SSRF protections, or open redirect allowlists.
- Evidence-driven delivery: Capture the exact commands, outputs, touched files, and residual risk so reviewers can verify the fix quickly.
- Use Case: A threat model says an endpoint lacks ownership checks, so you add the authorization guard, prove wrong-tenant access returns 404 or 403, and confirm the surrounding suite stays green.
Quick Start
Use the appsec-implementer skill to add the named security control with a failing-then-passing negative test and a minimal server-side fix.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: appsec-implementer Download link: https://github.com/nguyenpv1980-wq/Project-Aegis/archive/main.zip#appsec-implementer Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 545,000+ vetted skills library on demand.