security-privacy

Security & Privacy (Pre-flight)

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "security-privacy" with this command: npx skills add 7spade/black-tortoise/7spade-black-tortoise-security-privacy

Security & Privacy (Pre-flight)

Use when

  • Adding/reading/writing user/workspace data.

  • Touching identity/auth, permissions, Firebase rules, or external APIs.

  • Adding logging, analytics, telemetry, or error reporting.

Workflow

  • Identify data: what fields are PII, where stored, retention expectations.

  • Identify trust boundaries: browser ↔ Firebase/backend; who can call what.

  • Minimize & redact: remove unnecessary fields; ensure logs/errors redact secrets/PII.

  • Validate inputs at the edge; keep Domain pure.

  • Confirm least privilege: tokens, rules, and access paths.

Output checklist

  • No secrets in repo, fixtures, or logs.

  • No PII in logs/errors/templates.

  • Clear authorization point (not scattered across UI).

  • Deletion path does not leave access holes.

References

  • .github/instructions/65-security-privacy-copilot-instructions.md

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

material-design-3

No summary provided by upstream source.

Repository SourceNeeds Review
-68
7spade
General

architecture-ddd

No summary provided by upstream source.

Repository SourceNeeds Review
-13
7spade
General

webapp-testing

No summary provided by upstream source.

Repository SourceNeeds Review
-12
7spade