Agent Skills: Security Documentation

Create security policies, guidelines, compliance documentation, and security best practices. Use when documenting security policies, compliance requirements, or security guidelines.

Uncategorized

ID: aj-geddes/useful-ai-prompts/security-documentation

Install this agent skill to your local

pnpm dlx add-skill https://github.com/aj-geddes/useful-ai-prompts/tree/HEAD/skills/security-documentation

skills/security-documentation/SKILL.md

Skill Metadata

Name
security-documentation
Security Documentation

Overview

Create comprehensive security documentation including policies, guidelines, compliance requirements, and best practices for secure application development and operations.

When to Use

  • Security policies
  • Compliance documentation (SOC 2, GDPR, HIPAA)
  • Security guidelines and best practices
  • Incident response plans
  • Access control policies
  • Data protection policies
  • Vulnerability disclosure policies
  • Security audit reports

Quick Start

Minimal working example:

```markdown
# Security Policy

**Version:** 2.0
**Last Updated:** 2025-01-15
**Review Schedule:** Quarterly
**Owner:** Security Team
**Contact:** security@example.com

## Table of Contents

1. [Overview](#overview)
2. [Scope](#scope)
3. [Authentication & Access Control](#authentication--access-control)
4. [Data Protection](#data-protection)
5. [Application Security](#application-security)
6. [Infrastructure Security](#infrastructure-security)
7. [Incident Response](#incident-response)
8. [Compliance](#compliance)
9. [Security Training](#security-training)

---

## 1. Overview

### Purpose
// ... (see reference guides for full implementation)
```

Reference Guides

Detailed implementations in the references/ directory:

| Guide | Contents |
|---|---|
| 1 Password Requirements | 1 Password Requirements |
| 2 Multi-Factor Authentication (MFA) | 2 Multi-Factor Authentication (MFA) |
| 3 Role-Based Access Control (RBAC) | 3 Role-Based Access Control (RBAC) |
| 1 Secure Coding Practices | 1 Secure Coding Practices |
| 2 Security Headers | 2 Security Headers, 3 API Security |

Best Practices

✅ DO

  • Follow the principle of least privilege
  • Encrypt sensitive data
  • Implement MFA everywhere
  • Log security events
  • Conduct regular security audits
  • Keep systems updated
  • Document security policies
  • Train employees regularly
  • Have an incident response plan
  • Test backups regularly

❌ DON'T

  • Store passwords in plaintext
  • Skip input validation
  • Ignore security headers
  • Share credentials
  • Hardcode secrets in code
  • Skip security testing
  • Ignore vulnerability reports