ReddRadar
Agent skill
security-baseline
Security requirements, threats, and controls that apply across this system.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/security-baseline
SKILL.md
Security Baseline
Threat Model (High Level)
- Primary users: internal analytics users
- Assets to protect:
- Customer PII (anonymized in demo)
- Event data integrity
- Connection strings and secrets
Required Controls
Authentication
- Use Azure AD / Entra ID for Fabric workspace access
- Service principals for automated pipelines
Authorization
- Enforce least privilege on Fabric items
- Separate dev/prod workspaces
Input Validation & Output Encoding
- Validate all untrusted input at boundaries
- Sanitize or encode output where appropriate
Secrets Management
- Store secrets in Azure Key Vault, never in code or config files
- Use Fabric-managed connections where possible
Logging & Auditing
- Log security-relevant events
- Avoid logging sensitive data
Common Vulnerabilities
- Never embed connection strings in notebooks
- Validate JSON payloads in streaming pipelines
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?