Security
Authentication, authorization, input validation, data protection, dependency safety. Use for security review or when handling secrets and user data.
Overview
Security is a reference skill loaded by security analysts, reviewers, architects, and DevOps agents when reviewing code or handling secrets and user data. It provides rules for authentication, data protection, dependency management, and a critical section on distinguishing real compromise from background scanner noise.
Authentication & Authorization
- Never hardcode secrets or API keys — use .env files and environment variables
- Validate all inputs on the server side — client-side validation is a UX convenience, not a security measure
- Apply the principle of least privilege for all API keys and service accounts
Data Protection
- Sanitize all user inputs to prevent XSS and SQL injection
- Encrypt sensitive data at rest and in transit
- Do not log Personally Identifiable Information (PII)
Dependency Safety
- Audit dependencies for known vulnerabilities using the project's package-manager-native audit command at the declared severity threshold
- Pin dependency versions — no floating ranges in production
- Review new dependencies before adding them to the project
Reconnaissance vs Compromise
A 200 response to a suspicious filename is not proof of compromise. Many sites legitimately host files whose names overlap with common webshell filenames. Every public IPv4 address is probed daily. Before declaring compromise, verify that file size and content match legitimate patterns, check file ownership and modification dates, compare hashes across sites, and look for true indicators such as base64-encoded payloads, eval($_POST[...]) patterns, unexpected cron entries, or outbound connections to unknown IPs.
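The file-level checks above as a small triage script. This is an added example, not part of the original skill; the regexes, the `known_good` hash set (standing in for hashes of the same file on other sites) and the sample files are constructed assumptions.

```python
import hashlib
import os
import re
import tempfile
import time

# Content indicators named in the section above; the exact regexes are assumptions.
INDICATORS = {
    "eval_on_request_input": re.compile(rb"eval\s*\(\s*\$_(POST|GET|REQUEST|COOKIE)\s*\["),
    "eval_of_base64_decode": re.compile(rb"eval\s*\(\s*base64_decode\s*\("),
    "long_base64_blob": re.compile(rb"[A-Za-z0-9+/]{200,}={0,2}"),
}


def content_indicators(data: bytes) -> list:
    """Return the sorted names of indicators found in the file content."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(data))


def triage(path: str, known_good=frozenset()) -> dict:
    """Collect size, owner, mtime, hash and content hits before judging a file."""
    with open(path, "rb") as fh:
        data = fh.read()
    st = os.stat(path)
    digest = hashlib.sha256(data).hexdigest()
    hits = content_indicators(data)
    if digest in known_good:
        verdict = "matches known-good copy"
    else:
        verdict = "investigate" if hits else "no content indicators"
    mtime = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(st.st_mtime))
    return {"size": st.st_size, "owner_uid": st.st_uid, "mtime": mtime,
            "sha256": digest, "indicators": hits, "verdict": verdict}


# Constructed samples: a benign file with a scanner-bait name, and one real indicator.
SAMPLES = {
    "shell.php": b"<?php\n// docs page about the Unix shell\necho 'Shell basics';\n",
    "upload.php": b"<?php @eval($_POST['x']); ?>",
}

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        for name, body in SAMPLES.items():
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(body)
            print(name, triage(p))
```

The benign `shell.php` produces no indicators despite its name, which is the case a 200 response alone cannot distinguish.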
Tailscale + VPN Coexistence
When a commercial VPN coexists with Tailscale on macOS: reboot after any Tailscale update, use --accept-dns=false if the VPN provides DNS, start Tailscale before the VPN, verify the utun interface is up, and note that free auth keys are single-use.
When It's Used
Loaded during /dr-design and /dr-qa for security review, and by the security agent during Consilium panels. A reference skill with no model assignment — inherits from the calling agent.