Skill

security-bluebook-builder

Generates minimal Blue Book security policy documents for sensitive apps using MUST/SHOULD/CAN language, covering threat models, data classification, auth, logging, retention, and gates.

security

From antigravity-awesome-skills

Install

Run in your terminal

npx claudepluginhub sickn33/antigravity-awesome-skills --plugin antigravity-awesome-skills

Tool Access

This skill uses the workspace's default tool permissions.

Skill Content

Similar Skills

agent-harness-construction

Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.

everything-claude-code

139.9k

agent-payment-x402

Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.

everything-claude-code

139.9k

agent-eval

Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.

everything-claude-code

139.9k

Stats

Parent Repo Stars30787

Parent Repo Forks5140

Last CommitMar 27, 2026

Actions

View Source View Plugin View on GitHub View README

Security Bluebook Builder

Overview

Build a minimal but real security policy for sensitive apps. The output is a single, coherent Blue Book document using MUST/SHOULD/CAN language, with explicit assumptions, scope, and security gates.

Workflow

1) Gather inputs (ask only if missing)

Collect just enough context to fill the template. If the user has not provided details, ask up to 6 short questions:

What data classes are handled (PII, PHI, financial, tokens, content)?
What are the trust boundaries (client/server/third parties)?
How do users authenticate (OAuth, email/password, SSO, device sessions)?
What storage is used (DB, object storage, logs, analytics)?
What connectors or third parties are used?
Retention and deletion expectations (default + user-initiated)?

If the user cannot answer, proceed with safe defaults and mark TODOs.

2) Draft the Blue Book

Load references/bluebook_template.md and fill it with the provided details. Keep it concise, deterministic, and enforceable.

3) Enforce guardrails

Do not include secrets, tokens, or internal credentials.
If something is unknown, write "TODO" plus a clear assumption.
Fail closed: if a capability is required but unavailable, call it out explicitly.
Keep scope minimal; do not add features or tools beyond what the user asked for.

4) Quality checks

Confirm the Blue Book includes:

Threat model (assumptions + out-of-scope)
Data classification + handling rules
Trust boundaries + controls
Auth/session policy
Token handling policy
Logging/audit policy
Retention/deletion
Incident response mini-runbook
Security gates + go/no-go checklist

Resources

references/bluebook_template.md