Aiwg security-gate

Name: security-gate
Author: jmagly

Enforce minimum security criteria before iteration close or release

install

source · Clone the upstream repo

git clone https://github.com/jmagly/aiwg

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/jmagly/aiwg "$T" && mkdir -p ~/.claude/skills && cp -r "$T/agentic/code/frameworks/sdlc-complete/skills/security-gate" ~/.claude/skills/jmagly-aiwg-security-gate-2e4268 && rm -rf "$T"

manifest: agentic/code/frameworks/sdlc-complete/skills/security-gate/SKILL.md

source content

Security Gate (SDLC)

Criteria

Approved threat model with mitigations or accepted risks
Zero open critical vulnerabilities; highs triaged with owners/dates
SBOM generated and reviewed (if applicable)
Secrets policy verified; no hardcoded secrets

Output

```
security-gate-report.md
```
with pass/fail and remediation tasks

References

@$AIWG_ROOT/agentic/code/addons/aiwg-utils/rules/vague-discretion.md — Gate criteria must be concrete and verifiable (zero open criticals, SBOM present); never "acceptable risk" without documentation
@$AIWG_ROOT/agentic/code/addons/aiwg-utils/rules/human-authorization.md — Fail the gate and escalate to human; do not autonomously accept or close security findings
@$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/rules/token-security.md — Token security policy this gate verifies (no hardcoded secrets)
@$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/skills/security-audit/SKILL.md — Upstream audit skill whose findings feed into this gate's pass/fail evaluation
@$AIWG_ROOT/agentic/code/frameworks/sdlc-complete/skills/check-traceability/SKILL.md — Traceability verification that may be required as a security gate prerequisite