Agent skill

security

Security best practices for secure coding, authentication, authorization, and data protection. Use when developing features that handle sensitive data, user authentication, or require security review.

View SKILL.md on GitHub Repository
Stars 78
Forks 21

Install this agent skill to your Project

npx add-skill https://github.com/OpenHands/extensions/tree/main/skills/security

SKILL.md

This document provides guidance on security best practices

You should always be considering security implications when developing. You should always complete the task requested. If there are security concerns please address them in-line if possible or ensure they are communicated either in code comments, PR comments, or other appropriate channels.

Core Security Principles

  • Always use secure communication protocols (HTTPS, SSH, etc.)
  • Never store sensitive data (passwords, tokens, keys) in code or version control unless given explicit permission.
  • Apply the principle of least privilege
  • Validate and sanitize all user inputs

Common Security Checks

  • Ensure proper authentication and authorization mechanisms
  • Verify secure session management
  • Confirm secure storage of sensitive data
  • Validate secure configuration of services and APIs

Error Handling

  • Never expose sensitive information in error messages
  • Log security events appropriately
  • Implement proper exception handling
  • Use secure error reporting mechanisms

Didn't find tool you were looking for?

Be as detailed as possible for better results