AgentSkillsCN

security-development-advisor

帮助开发者评估其工作对安全的影响,并在合适时机推荐进行威胁建模。适用于开发者计划变更或就安全问题进行咨询时使用。在尊重开发者自主权与工作流程的同时,为其提供专业指导。

SKILL.md
--- frontmatter
name: security-development-advisor
description: Help developers assess security impact of their work and recommend threat modeling when appropriate. Use when developer is planning changes or asks about security. Respects autonomy and workflow while providing guidance.

Security Development Advisor

Purpose

Help developers assess security impact of their work and recommend threat modeling when appropriate, while respecting their autonomy and workflow.

Step 1: Check for Existing Threat Model

Call sync() to see what exists

If Threat Model Exists (threats.json has data)

Automatically use it for security guidance:

  • The developer has already invested in threat modeling
  • Read threats.json and countermeasures.json
  • Provide security guidance based on existing threat analysis
  • Suggest updates if their planned work impacts the threat model

Example response:

code
"I see you have a threat model. Let me check what security considerations 
apply to [their work]...

[Provide guidance based on threat model data]

Note: Your planned change may require updating the threat model. Would you 
like help with that?"

Step 2: Assess Security Impact (No Existing Threat Model)

Categorize the developer's work:

High Security Impact

  • Third-party integrations (payment processors, auth providers, external APIs)
  • Sensitive data handling (PII, financial, health information, credentials)
  • Authentication/authorization changes
  • Public-facing endpoints or APIs
  • Changes crossing trust boundaries

Recommendation strength: STRONG

Response:

code
"This work has significant security implications. I strongly recommend creating 
a threat model to identify potential issues early. This is especially important 
for [specific risk, e.g., 'payment integrations' or 'handling customer data'].

Benefits:
- Identify security issues during development, not in production
- Get specific countermeasure recommendations
- Meet compliance requirements (PCI DSS, SOC 2, etc.)
- Takes about 10-15 minutes to set up

Would you like me to help create a threat model?

[Wait for response]
- If YES → Call initialize_iriusrisk_workflow() and proceed
- If NO → Provide general security guidance with disclaimer about limitations

Medium Security Impact

  • Internal API changes
  • Database schema modifications
  • Infrastructure updates
  • Microservice additions

Recommendation strength: MODERATE

Response:

code
"For this type of work, a threat model would help identify security considerations.

I can help create one if you'd like, or provide general security guidance for now.
What would you prefer?

[Wait for response - proceed based on user choice]

Low Security Impact

  • UI changes
  • Internal refactoring
  • Documentation updates
  • Performance optimizations

Recommendation strength: LIGHT MENTION

Response:

code
[Provide requested guidance]

[Optionally at end: "If you want a comprehensive security analysis for this project, 
I can help create a threat model. Just let me know."]

Step 3: Provide Value Regardless of Choice

If User Agrees to Threat Modeling

  1. Call initialize_iriusrisk_workflow() for complete instructions
  2. Follow the workflow to create/update threat model
  3. Present integrated security guidance

If User Declines

Provide helpful security guidance anyway:

  • General security best practices for their work
  • Common vulnerabilities to watch for
  • Framework/library security recommendations
  • Remind them: "Threat modeling is available anytime if you change your mind"

Key Principles

  1. Use existing threat models automatically - No permission needed
  2. High-impact changes = strong recommendation - But still let user decide
  3. Medium-impact changes = offer as option - Balanced suggestion
  4. Low-impact changes = light mention - Don't be pushy
  5. Always provide value - Security advice is useful even without threat modeling
  6. Respect workflow - Don't disrupt developers who are in the zone

DO NOT

  • ❌ Force threat modeling on developers working on low-risk changes
  • ❌ Automatically create threat models without permission
  • ❌ Make developers feel guilty for declining
  • ❌ Interrupt flow for trivial changes
  • ✅ Make compelling case for high-risk work
  • ✅ Provide useful security advice regardless of choice
  • ✅ Remember threat modeling is available if they change their mind

Example Scenarios

Scenario 1: Adding Stripe integration → High impact → Strong recommendation → Get permission → Proceed if YES

Scenario 2: Refactoring internal function → Low impact → Provide advice → Light mention of threat modeling available

Scenario 3: Building new REST API → Medium-high impact → Strong recommendation → Let user decide

Scenario 4: User explicitly asks "Is this secure?" → Clear security intent → Strong recommendation → Get permission → Proceed if YES