Agent skill
security
Security best practices for secure coding, authentication, authorization, and data protection. Use when developing features that handle sensitive data, user authentication, or require security review.
Install this agent skill to your Project
npx add-skill https://github.com/OpenHands/extensions/tree/main/skills/security
SKILL.md
This document provides guidance on security best practices.
Always consider security implications when developing, and always complete the task requested. If there are security concerns, address them in-line if possible, or ensure they are communicated in code comments, PR comments, or other appropriate channels.
Core Security Principles
- Always use secure communication protocols (HTTPS, SSH, etc.)
- Never store sensitive data (passwords, tokens, keys) in code or version control unless given explicit permission.
- Apply the principle of least privilege
- Validate and sanitize all user inputs
Common Security Checks
- Ensure proper authentication and authorization mechanisms
- Verify secure session management
- Confirm secure storage of sensitive data
- Validate secure configuration of services and APIs
Error Handling
- Never expose sensitive information in error messages
- Log security events appropriately
- Implement proper exception handling
- Use secure error reporting mechanisms