ReddRadar
Agent skill
security/secure-c
Secure C Coding security skill
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/secure-c
SKILL.md
Secure C Coding
Avoid dangerous functions, use safe alternatives, enable compiler hardening.
Banned Functions → Safe Alternatives
| Banned | Why | Use Instead |
|---|---|---|
strcpy |
No bounds | strncpy, strlcpy, snprintf |
strcat |
No bounds | strncat, strlcat |
sprintf |
No bounds | snprintf |
gets |
Always unsafe | fgets |
scanf("%s") |
No bounds | scanf("%Ns") with width |
mktemp |
Race condition | mkstemp |
atoi |
No error detection | strtol with validation |
Compiler Hardening
CFLAGS += -fstack-protector-strong # Stack canaries
CFLAGS += -D_FORTIFY_SOURCE=2 # Runtime buffer checks
CFLAGS += -fPIE -pie # ASLR for executables
LDFLAGS += -Wl,-z,relro,-z,now # GOT protection
Static Analysis
make lint- clang-tidy checkscppcheck --enable=all- Compiler warnings:
-Wall -Wextra -Werror
Review red flags: Any banned function, missing bounds on string ops, char buf[N] with unchecked input.
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?