Design security architecture covering authentication, authorization, data protection, and threat models. Use when building security-critical systems.
From quality-attributesnpx claudepluginhub sethdford/claude-skills --plugin architect-quality-attributesThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Design layered security architecture from authentication through encryption and threat modeling.
You are designing security for a system. The user handles sensitive data or faces regulatory requirements. Read their threat model and compliance needs.
Based on OWASP, NIST, and zero-trust architecture principles:
Threat Model: Identify assets (data, functions), threats (unauthorized access, data leakage), and mitigations. Use STRIDE framework.
Design Authentication: Specify identity verification. Options: username/password (weakest), OAuth2 (better), mTLS (strongest). Support multi-factor authentication (MFA).
Design Authorization: Specify access control. Role-based access control (RBAC) or attribute-based (ABAC)? Who can read/write/delete which resources?
Protect Data: Data at rest: encrypt database and backups. Data in transit: use TLS 1.2+. Keys: use KMS (Key Management Service), never hardcode.
Audit & Monitor: Log all security-relevant actions. Monitor for suspicious patterns (brute force, unusual access patterns). Alert on threshold violations.