Skill

security-documentation

Creates security policies, guidelines, compliance docs (SOC 2, GDPR, HIPAA), best practices, incident response plans, and access controls. Use for documenting security requirements.

security

documentation

Install

npx claudepluginhub joshuarweaver/cascade-code-languages-misc-1 --plugin aj-geddes-useful-ai-prompts-4

Tool Access

This skill uses the workspace's default tool permissions.

Preview

- [Overview](#overview)

Supporting Assets

references/1-password-requirements.mdreferences/1-secure-coding-practices.mdreferences/2-multi-factor-authentication-mfa.mdreferences/2-security-headers.mdreferences/3-role-based-access-control-rbac.mdscripts/security-checklist.sh

SKILL.md

Similar Skills

skill-lookup

Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.

prompts.chat

159.9k

prompt-lookup

Searches prompts.chat for AI prompt templates by keyword or category, retrieves by ID with variable handling, and improves prompts via AI. Use for discovering or enhancing prompts.

prompts.chat

159.9k

next-compile

1 file

Checks Next.js compilation errors using a running Turbopack dev server after code edits. Fixes actionable issues before reporting complete. Replaces `next build`.

vercel-next-js-2

139.2k

Stats

Stars180

Forks28

Last CommitMar 3, 2026

Actions

View Source View Plugin View on GitHub View README

Overview

Create comprehensive security documentation including policies, guidelines, compliance requirements, and best practices for secure application development and operations.

When to Use

Security policies
Compliance documentation (SOC 2, GDPR, HIPAA)
Security guidelines and best practices
Incident response plans
Access control policies
Data protection policies
Vulnerability disclosure policies
Security audit reports

Quick Start

Minimal working example:

# Security Policy

**Version:** 2.0
**Last Updated:** 2025-01-15
**Review Schedule:** Quarterly
**Owner:** Security Team
**Contact:** security@example.com

## Table of Contents

1. [Overview](#overview)
2. [Scope](#scope)
3. [Authentication & Access Control](#authentication--access-control)
4. [Data Protection](#data-protection)
5. [Application Security](#application-security)
6. [Infrastructure Security](#infrastructure-security)
7. [Incident Response](#incident-response)
8. [Compliance](#compliance)
9. [Security Training](#security-training)

---

## 1. Overview

### Purpose
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
1 Password Requirements	1 Password Requirements
2 Multi-Factor Authentication (MFA)	2 Multi-Factor Authentication (MFA)
3 Role-Based Access Control (RBAC)	3 Role-Based Access Control (RBAC)
1 Secure Coding Practices	1 Secure Coding Practices
2 Security Headers	2 Security Headers, 3 API Security

Best Practices

✅ DO

Follow principle of least privilege
Encrypt sensitive data
Implement MFA everywhere
Log security events
Regular security audits
Keep systems updated
Document security policies
Train employees regularly
Have incident response plan
Test backups regularly

❌ DON'T

Store passwords in plaintext
Skip input validation
Ignore security headers
Share credentials
Hardcode secrets in code
Skip security testing
Ignore vulnerability reports