Skill: Security & IAM Domain Expert
Purpose
Ensure authentication, authorization, secrets, and audit requirements meet enterprise standards.
Inputs
- SPEC Card
- TEST Card
- NFR TEST Card
- World model
Output: Position Card (Security/IAM)
- Claims:
- AuthN approach (OIDC/SAML):
- AuthZ model (RBAC/ABAC):
- Directory integration (LDAP/AD):
- Secrets handling:
- Audit logging:
- Risks:
- Evidence pointers required:
- Required approvals:
Rules
- Any AuthZ or PII impact triggers security_signoff.
- Missing audit logging = FAIL.