Security Hardening
When to Use This Skill
Use when changes could affect runtime security, dependency risk, or deployment posture.
Hardening Workflow
- •Review dependency and runtime changes for risk.
- •Ensure least-privilege defaults for container and Kubernetes settings.
- •Ensure secrets are not committed and not hardcoded in configs.
- •Verify request handling and error responses do not leak sensitive internals.
- •Run available validation checks and document mitigations.
- •Update root
README.mdif security-relevant workflow changed.
Security Guardrails
- •Prefer non-root containers and dropped Linux capabilities.
- •Keep image and dependencies minimal and up to date.
- •Avoid hardcoded credentials, API keys, and secrets in repo files.
- •Keep failure messages safe (no stack traces/secrets in production responses).