`npx claudepluginhub tractorjuice/ipad-kit --plugin ipad-kit`

`<project ID, e.g. '001'>`

# IPAD Security Model
## User Input
## Instructions
> **Note**: The `ipad-context` hook automatically injects project context (project list, existing artifacts, maturity level) into this command's execution. Use that context to identify the target project directory, project ID, and any existing artifacts.
### Step 0: Prerequisite Check
1. Identify the target project from `$ARGUMENTS` (the project ID, e.g., `001`).
2. Verify that an **Entity Model** artifact (`IPAD-{PROJECT_ID}-ENTM-*.md`) exists in the project directory. This is a **mandatory** prerequisite.
3. If the ENTM artifact i...
$ARGUMENTS
- `/ipad-kit:entity-model` first.
- (`IPAD-{PROJECT_ID}-ASSESS-*.md`) — for maturity context
- (`IPAD-{PROJECT_ID}-DCLS-*.md`) — for classification tiers to align security controls
- (`IPAD-{PROJECT_ID}-GOVR-*.md`) — for governance structure integration
- `.ipad/templates/security-template.md`.
- `${CLAUDE_PLUGIN_ROOT}/templates/security-template.md`.
- `${CLAUDE_PLUGIN_ROOT}/references/framework/governance/ica-security.md` — the ICA security model (Integrity, Confidentiality, Accessibility).
- `${CLAUDE_PLUGIN_ROOT}/references/framework/governance/roles-and-responsibilities.md` — security-related role responsibilities.
- `${CLAUDE_PLUGIN_ROOT}/references/principles.md` — security-relevant principles.
- `ipad-regulatory-research` agent to retrieve jurisdiction-specific security and data protection requirements.

Produce the following sections in the output artifact:
Auto-populate the following fields at the top of the document:
- `IPAD-{PROJECT_ID}-SECR-v1.0`

Define the three-pillar security architecture:
Define security controls specific to each IPAD Framework layer (1-8):
- `projects/{project-dir}/IPAD-{PROJECT_ID}-SECR-v1.0.md`.

---
**Generated by**: IPAD Kit `/ipad-kit:security` command
**Generated on**: {DATE}
**IPAD Kit Version**: {IPAD_KIT_VERSION}
**Project**: {PROJECT_ID}-{project-name}
- `/ipad-kit:data-classification` — Review or define data classification for security alignment
- `/ipad-kit:governance` — Update governance framework with security control integration