npx claudepluginhub jnuyens/gsd-plugin --plugin gsdThis skill is limited to using the following tools:
<objective>
Orchestrates stage-aware cybersecurity guidance for planning, risky implementation changes across auth/authz/tokens/secrets/middleware/outbound-requests/file-handling/CI/deployment/trust boundaries, reviews, and pre-release hardening.
Executes multi-phase security audits: threat modeling, automated scans (npm audit, semgrep, trufflehog), manual reviews, pentesting, remediation, and OWASP/GDPR compliance checks.
Audits code for security vulnerabilities including OWASP Top 10, auth flaws, injection, data exposure, and dependency risks using STRIDE threat modeling and phased reviews.
Share bugs, ideas, or general feedback.
Output: updated SECURITY.md.
<execution_context> @${CLAUDE_PLUGIN_ROOT}/workflows/secure-phase.md </execution_context>
Phase: $ARGUMENTS — optional, defaults to last completed phase. Execute @${CLAUDE_PLUGIN_ROOT}/workflows/secure-phase.md. Preserve all workflow gates.