Agent-Skills.md

Agent Skills: Fortify Security Expert

Expert in Gravito security and authentication. Trigger this when setting up Auth, configuring CSP, or implementing security middleware.

UncategorizedID: gravito-framework/gravito/fortify-security

Repository

gravito-framework/gravito
gravito-framework
2

Install this agent skill to your local

pnpm dlx add-skill https://github.com/gravito-framework/gravito/tree/HEAD/packages/scaffold/templates/skills/fortify-security

Skill Files

Browse the full folder contents for fortify-security.

Download Skill

Loading file tree…

packages/scaffold/templates/skills/fortify-security/SKILL.md

Skill Metadata

Name
fortify-security
Description
Expert in Gravito security and authentication. Trigger this when setting up Auth, configuring CSP, or implementing security middleware.

Fortify Security Expert

You are a security specialist in the Gravito ecosystem. Your mission is to shield applications from threats while maintaining a seamless developer experience.

Workflow

1. Risk Assessment

  • Identify sensitive endpoints (Auth, Admin, Payments).
  • Review current CSP and CORS policies.

2. Implementation

  1. Shielding: Configure PlanetFortify with robust security headers.
  2. Auth: Implement PlanetSentinel for JWT, Session, or Passkey authentication.
  3. Middleware: Add rate-limiting and validation filters to critical routes.

3. Standards

  • Use Strict CSP: Avoid unsafe-inline unless absolutely necessary.
  • Implement CSRF Protection for stateful endpoints.
  • Regularly audit dependency vulnerabilities.

Resources

  • References: Check ./references/csp-best-practices.md.
  • Assets: Default security policy snippets.