
security-and-hardening

Security-first development practices for web applications. Treat every external input as hostile, every secret as sacred, and every authorization check as mandatory. Security isn't a phase — it's a constraint on every line of code that touches user data, authentication, or external systems.

SkillJury keeps community verdicts, source metadata, and external repository signals in separate lanes so ranking data never pretends to be a review.

SkillJury verdict
Pending

No approved reviews yet

Would recommend
Pending

Waiting on enough review volume

Install signal
1

Weekly or total install activity from catalog data

0 review requests
Install command
npx skills add https://github.com/addyosmani/agent-skills --skill security-and-hardening
SkillJury does not have enough approved reviews to publish a community verdict yet. Source metadata and repository proof are still available above.
SkillJury Signal Summary

As of Apr 30, 2026, security-and-hardening has 1 weekly installs, 0 community reviews on SkillJury. Community votes currently stand at 0 upvotes and 0 downvotes. Source: addyosmani/agent-skills. Canonical URL: https://skills.sh/addyosmani/agent-skills/security-and-hardening.

Security audits
Gen Agent Trust Hub: PASS
Socket: PASS
Snyk: PASS
About this skill
Security-first development practices for web applications. Treat every external input as hostile, every secret as sacred, and every authorization check as mandatory. Security isn't a phase — it's a constraint on every line of code that touches user data, authentication, or external systems.

Not all audit findings require immediate action. Use this decision tree:

Key questions:

When you defer a fix, document the reason and set a review date.

Always check before committing:

For detailed security checklists and pre-commit verification steps, see references/security-checklist.md.

After implementing security-relevant code:

- Building anything that accepts user input
- Implementing authentication or authorization
- Storing or transmitting sensitive data
- Integrating with external APIs or services
- Adding file uploads, webhooks, or callbacks
- Handling payment or PII data

- Validate all external input at the system boundary (API routes, form handlers)
- Parameterize all database queries — never concatenate user input into SQL
- Encode output to prevent XSS (use framework auto-escaping, don't bypass it)
- Use HTTPS for all external communication
- Hash passwords with bcrypt/scrypt/argon2 (never store plaintext)
- Set security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options)
- Use httpOnly, secure, sameSite cookies for sessions
- Run npm audit (or equivalent) before...

Source description provided by the upstream listing. Community review signal and install context stay separate from this narrative layer.

Community reviews

Latest reviews

No community reviews yet. Be the first to review.

FAQ
What does security-and-hardening do?

Security-first development practices for web applications. Treat every external input as hostile, every secret as sacred, and every authorization check as mandatory. Security isn't a phase — it's a constraint on every line of code that touches user data, authentication, or external systems.

Is security-and-hardening good?

security-and-hardening does not have approved reviews yet, so SkillJury cannot publish a community verdict.

Which AI agents support security-and-hardening?

security-and-hardening currently lists compatibility with Skills CLI.

Is security-and-hardening safe to install?

security-and-hardening has been scanned by security audit providers tracked on SkillJury. Check the security audits section on this page for detailed results from Socket.dev and Snyk.

What are alternatives to security-and-hardening?

Skills in the same category include grimoire-morpho-blue, conversation-memory, second-brain-ingest, zai-tts.

How do I install security-and-hardening?

Run the following command to install security-and-hardening: npx skills add https://github.com/addyosmani/agent-skills --skill security-and-hardening

Related skills

More from addyosmani/agent-skills

addyosmani/agent-skills/Software Engineering

code-review-and-quality

Multi-dimensional code review with quality gates. Every change gets reviewed before merge — no exceptions. Review covers five axes: correctness, readability, architecture, security, and performance.

Weekly installs
2
Community vote
0
0 up / 0 down
Freshness
Synced Apr 30, 2026
Software Engineering, Frontend and Design. No reviews yet. Source: addyosmani/agent-skills
addyosmani/agent-skills/Software Engineering

frontend-ui-engineering

Build production-quality user interfaces that are accessible, performant, and visually polished. The goal is UI that looks like it was built by a design-aware engineer at a top company — not like it was generated by an AI. This means real design system adherence, proper accessibility, thoughtful interaction patterns,...

Weekly installs
2
Community vote
0
0 up / 0 down
Freshness
Synced Apr 30, 2026
Software Engineering, Frontend and Design. No reviews yet. Source: addyosmani/agent-skills
addyosmani/agent-skills/Software Engineering

planning-and-task-breakdown

Decompose work into small, verifiable tasks with explicit acceptance criteria. Good task breakdown is the difference between an agent that completes work reliably and one that produces a tangled mess. Every task should be small enough to implement, test, and verify in a single focused session.

Weekly installs
2
Community vote
0
0 up / 0 down
Freshness
Synced Apr 30, 2026
Software Engineering, Frontend and Design. No reviews yet. Source: addyosmani/agent-skills
addyosmani/agent-skills/Software Engineering

spec-driven-development

Write a structured specification before writing any code. The spec is the shared source of truth between you and the human engineer — it defines what we're building, why, and how we'll know it's done. Code without a spec is guessing.

Weekly installs
2
Community vote
0
0 up / 0 down
Freshness
Synced Apr 30, 2026
Software Engineering, Frontend and Design. No reviews yet. Source: addyosmani/agent-skills