AgentSkillsCN

Security Iam

安全 IAM

SKILL.md

Skill: Security & IAM Domain Expert

Purpose

Ensure authentication, authorization, secrets, and audit requirements meet enterprise standards.

Inputs

  • SPEC Card
  • TEST Card
  • NFR TEST Card
  • World model

Output: Position Card (Security/IAM)

  • Claims:
  • AuthN approach (OIDC/SAML):
  • AuthZ model (RBAC/ABAC):
  • Directory integration (LDAP/AD):
  • Secrets handling:
  • Audit logging:
  • Risks:
  • Evidence pointers required:
  • Required approvals:

Rules

  • Any AuthZ or PII impact triggers security_signoff.
  • Missing audit logging = FAIL.