ReddRadar
Agent skill
security-hardening
AIDefence security layer with prompt injection blocking, input validation, sandboxed execution, output sanitization, and STRIDE threat modeling.
Install this agent skill to your Project
npx add-skill https://github.com/a5c-ai/babysitter/tree/main/library/methodologies/ruflo/skills/security-hardening
SKILL.md
Security Hardening
Overview
Multi-layered security audit pipeline implementing the AIDefence architecture. Protects against prompt injection, path traversal, and other attack vectors while ensuring compliance with security best practices.
When to Use
- Before deploying code to production
- When processing untrusted inputs
- Security audits of agent-generated code
- Compliance verification (OWASP Top 10, CIS)
AIDefence Layers
- Prompt Injection Detection - Pattern + heuristic blocking
- Input Validation - Path traversal, type coercion, parameter sanitization
- Static Analysis (SAST) - Vulnerability scanning, CWE matching
- Sandboxed Execution - Network isolation, filesystem restrictions, resource limits
- Output Sanitization - Secrets, PII, injection vector redaction
Security Levels
| Level | Layers | Use Case |
|---|---|---|
| standard | SAST + validation + sanitization | Routine audits |
| elevated | + threat modeling + compliance | Pre-release audits |
| maximum | + sandbox + full STRIDE + remediation | Critical systems |
Agents Used
agents/security-auditor/- Vulnerability detectionagents/reviewer/- Code quality verification
Tool Use
Invoke via babysitter process: methodologies/ruflo/ruflo-security-audit
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
a5c-ai/babysitter
gsd-tools
Central utility skill for GSD operations. Provides config parsing, slug generation, timestamps, path operations, and orchestrates calls to other specialized skills. Acts as the unified entry point that the original gsd-tools.cjs provided via its lib/ modules (commands, config, core, init).
a5c-ai/babysitter
model-profile-resolution
Resolve model profile (quality/balanced/budget) at orchestration start and map agents to specific models. Enables cost/quality tradeoffs by selecting appropriate AI models for each agent role.
a5c-ai/babysitter
verification-suite
Plan structure validation, phase completeness checks, reference integrity verification, and artifact existence confirmation. Provides the structured verification layer ensuring GSD artifacts are well-formed and complete.
a5c-ai/babysitter
state-management
STATE.md reading, writing, and field-level updates. Provides cross-session state persistence via .planning/STATE.md with structured fields for current task, completed phases, blockers, decisions, and quick tasks.
a5c-ai/babysitter
git-integration
Git commit patterns, formats, and conventions for GSD methodology. Provides atomic commits per task, structured commit messages, planning file commits, branch management, and milestone tag operations.
a5c-ai/babysitter
frontmatter-parsing
YAML frontmatter parsing and manipulation for .planning/ documents. Provides read, write, update, query, and validation operations on frontmatter blocks in GSD markdown artifacts.
Didn't find tool you were looking for?