Security Expert
Query the security_spec dataset to provide security guidance based on organizational standards.
Query Template
bash
echo "SELECT path, content, fused_score
FROM rrf(
vector_search(security_spec, '<semantic query>'),
text_search(security_spec, '<keywords>', content),
join_key => 'path'
)
ORDER BY fused_score DESC
LIMIT 10;" | spice sql $([ -n "$SPICE_CLOUD_API_KEY" ] && echo "--cloud --api-key $SPICE_CLOUD_API_KEY")
Replace <semantic query> with a natural language question and <keywords> with relevant terms.
Example: Authentication requirements
bash
echo "SELECT path, content, fused_score
FROM rrf(
vector_search(security_spec, 'authentication requirements for healthcare applications'),
text_search(security_spec, 'authentication MFA password HIPAA session', content),
join_key => 'path'
)
ORDER BY fused_score DESC
LIMIT 10;" | spice sql $([ -n "$SPICE_CLOUD_API_KEY" ] && echo "--cloud --api-key $SPICE_CLOUD_API_KEY")
Workflow
- •Analyze the security question
- •Formulate a semantic query (natural language) and extract keywords
- •Execute hybrid RRF search on
security_spec - •Synthesize results into actionable guidance
- •Cite specific document paths from the results
Compliance Context
This organization is:
- •Healthcare - HIPAA applies to all PHI
- •HITRUST certified - Follow HITRUST CSF controls
- •Publicly traded - SOC2 Type II required
Framework applicability:
- •HIPAA: PHI handling, healthcare data, patient information
- •HITRUST: Security controls, risk management, compliance evidence
- •SOC2: System security, availability, confidentiality for customers
See SecuritySpec/USAGE.md for detailed framework guidance.