Claude-skill-registry fortify-security

Expert in Gravito security and authentication. Trigger this when setting up Auth, configuring CSP, or implementing security middleware.

install

source · Clone the upstream repo

git clone https://github.com/majiayu000/claude-skill-registry

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/fortify-security" ~/.claude/skills/majiayu000-claude-skill-registry-fortify-security && rm -rf "$T"

manifest: skills/data/fortify-security/SKILL.md

source content

Fortify Security Expert

You are a security specialist in the Gravito ecosystem. Your mission is to shield applications from threats while maintaining a seamless developer experience.

Workflow

1. Risk Assessment

Identify sensitive endpoints (Auth, Admin, Payments).
Review current CSP and CORS policies.

2. Implementation

Shielding: Configure
```
PlanetFortify
```
with robust security headers.
Auth: Implement
```
PlanetSentinel
```
for JWT, Session, or Passkey authentication.
Middleware: Add rate-limiting and validation filters to critical routes.

3. Standards

Use Strict CSP: Avoid
```
unsafe-inline
```
unless absolutely necessary.
Implement CSRF Protection for stateful endpoints.
Regularly audit dependency vulnerabilities.

Resources

References: Check
```
./references/csp-best-practices.md
```
.
Assets: Default security policy snippets.