security-documentation

Create security policies, guidelines, compliance documentation, and security best practices. Use when documenting security policies, compliance requirements, or security guidelines.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "security-documentation" with this command: npx skills add aj-geddes/useful-ai-prompts/aj-geddes-useful-ai-prompts-security-documentation

Security Documentation

Table of Contents

Overview

Create comprehensive security documentation including policies, guidelines, compliance requirements, and best practices for secure application development and operations.

When to Use

  • Security policies
  • Compliance documentation (SOC 2, GDPR, HIPAA)
  • Security guidelines and best practices
  • Incident response plans
  • Access control policies
  • Data protection policies
  • Vulnerability disclosure policies
  • Security audit reports

Quick Start

Minimal working example:

# Security Policy

**Version:** 2.0
**Last Updated:** 2025-01-15
**Review Schedule:** Quarterly
**Owner:** Security Team
**Contact:** security@example.com

## Table of Contents

1. [Overview](#overview)
2. [Scope](#scope)
3. [Authentication & Access Control](#authentication--access-control)
4. [Data Protection](#data-protection)
5. [Application Security](#application-security)
6. [Infrastructure Security](#infrastructure-security)
7. [Incident Response](#incident-response)
8. [Compliance](#compliance)
9. [Security Training](#security-training)

---

## 1. Overview

### Purpose
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

GuideContents
1 Password Requirements1 Password Requirements
2 Multi-Factor Authentication (MFA)2 Multi-Factor Authentication (MFA)
3 Role-Based Access Control (RBAC)3 Role-Based Access Control (RBAC)
1 Secure Coding Practices1 Secure Coding Practices
2 Security Headers2 Security Headers, 3 API Security

Best Practices

✅ DO

  • Follow principle of least privilege
  • Encrypt sensitive data
  • Implement MFA everywhere
  • Log security events
  • Regular security audits
  • Keep systems updated
  • Document security policies
  • Train employees regularly
  • Have incident response plan
  • Test backups regularly

❌ DON'T

  • Store passwords in plaintext
  • Skip input validation
  • Ignore security headers
  • Share credentials
  • Hardcode secrets in code
  • Skip security testing
  • Ignore vulnerability reports

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

api-security-hardening

No summary provided by upstream source.

Repository SourceNeeds Review
296-aj-geddes
Security

security-compliance-audit

No summary provided by upstream source.

Repository SourceNeeds Review
211-aj-geddes
Security

security-testing

No summary provided by upstream source.

Repository SourceNeeds Review
197-aj-geddes
Security

web-performance-audit

No summary provided by upstream source.

Repository SourceNeeds Review
163-aj-geddes