Agent Skills: Secure C Coding

Secure C Coding security skill

Uncategorized

ID: mgreenly/ikigai/security/secure-c

Install this agent skill locally:

pnpm dlx add-skill https://github.com/mgreenly/ikigai/tree/HEAD/.claude/library/security/secure-c


.claude/library/security/secure-c/SKILL.md

Skill Metadata

Name
security/secure-c
Description
Secure C Coding security skill

Secure C Coding

Avoid dangerous functions, use safe alternatives, enable compiler hardening.

Banned Functions → Safe Alternatives

| Banned | Why | Use Instead |
|--------|-----|-------------|
| strcpy | No bounds | strncpy, strlcpy, snprintf |
| strcat | No bounds | strncat, strlcat |
| sprintf | No bounds | snprintf |
| gets | Always unsafe | fgets |
| scanf("%s") | No bounds | scanf("%Ns") with width |
| mktemp | Race condition | mkstemp |
| atoi | No error detection | strtol with validation |
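Two of the replacements from the table, written out as an added example (not part of the skill itself): a bounded copy that detects truncation, and `strtol` with the validation the table calls for. The copy uses `snprintf` rather than `strncpy` because `strncpy` leaves the destination unterminated when the source does not fit. The helper names `copy_bounded` and `parse_int` are hypothetical.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Bounded copy in place of strcpy: snprintf always NUL-terminates (when
 * dstsz > 0) and returns the length it wanted to write, which exposes
 * truncation. Returns 0 on success, -1 if src did not fit. */
int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    int n = snprintf(dst, dstsz, "%s", src);
    return (n < 0 || (size_t)n >= dstsz) ? -1 : 0;
}

/* strtol in place of atoi: rejects empty input, trailing junk and
 * out-of-range values. Returns 0 and stores the value, or -1. */
int parse_int(const char *s, int *out)
{
    char *end = NULL;
    if (s == NULL || out == NULL)
        return -1;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (end == s || *end != '\0')      /* no digits, or junk after them */
        return -1;
    if (errno == ERANGE || v < INT_MIN || v > INT_MAX)
        return -1;
    *out = (int)v;
    return 0;
}

int main(void)
{
    char buf[8];
    int port = 0;
    /* Constructed sample inputs. */
    int rc = copy_bounded(buf, sizeof buf, "ikigai");
    printf("fits: %d (buf=\"%s\")\n", rc, buf);
    rc = copy_bounded(buf, sizeof buf, "much-too-long");
    printf("too long: %d (buf=\"%s\")\n", rc, buf);
    rc = parse_int("8080", &port);
    printf("8080: %d -> %d\n", rc, port);
    printf("80abc: %d\n", parse_int("80abc", &port));
    return 0;
}
```

Callers should treat the -1 from `copy_bounded` as an error rather than continuing with the truncated string.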

Compiler Hardening

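CFLAGS += -fstack-protector-strong  # Stack canaries
CFLAGS += -D_FORTIFY_SOURCE=2       # Runtime buffer checks (needs -O1 or higher)
CFLAGS += -fPIE                     # Position-independent code, so ASLR covers the executable
LDFLAGS += -pie                     # Link as a position-independent executable
LDFLAGS += -Wl,-z,relro,-z,now      # GOT protection (full RELRO)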

Static Analysis

  • make lint - clang-tidy checks
  • cppcheck --enable=all
  • Compiler warnings: -Wall -Wextra -Werror

Review red flags: Any banned function, missing bounds on string ops, char buf[N] with unchecked input.