mirror of
https://github.com/wshobson/agents.git
synced 2026-03-18 17:47:16 +00:00
Consolidate workflows and tools from commands repository
Repository Restructure: - Move all 83 agent .md files to agents/ subdirectory - Add 15 workflow orchestrators from commands repo to workflows/ - Add 42 development tools from commands repo to tools/ - Update README for unified repository structure The commands repository functionality is now fully integrated, providing complete workflow orchestration and development tooling alongside agents. Directory Structure: - agents/ - 83 specialized AI agents - workflows/ - 15 multi-agent orchestration commands - tools/ - 42 focused development utilities No breaking changes to agent functionality - all agents remain accessible with same names and behavior. Adds workflow and tool commands for enhanced multi-agent coordination capabilities.
This commit is contained in:
Seth Hobson
68
workflows/security-hardening.md
Normal file
68
workflows/security-hardening.md
Normal file
@@ -0,0 +1,68 @@
|
||||
---
|
||||
model: claude-opus-4-1
|
||||
---
|
||||
|
||||
Implement security-first architecture and hardening measures with coordinated agent orchestration:
|
||||
|
||||
[Extended thinking: This workflow prioritizes security at every layer of the application stack. Multiple agents work together to identify vulnerabilities, implement secure patterns, and ensure compliance with security best practices.]
|
||||
|
||||
## Phase 1: Security Assessment
|
||||
|
||||
### 1. Initial Security Audit
|
||||
- Use Task tool with subagent_type="security-auditor"
|
||||
- Prompt: "Perform comprehensive security audit on: $ARGUMENTS. Identify vulnerabilities, compliance gaps, and security risks across all components."
|
||||
- Output: Vulnerability report, risk assessment, compliance gaps
|
||||
|
||||
### 2. Architecture Security Review
|
||||
- Use Task tool with subagent_type="backend-architect"
|
||||
- Prompt: "Review and redesign architecture for security: $ARGUMENTS. Focus on secure service boundaries, data isolation, and defense in depth. Use findings from security audit."
|
||||
- Output: Secure architecture design, service isolation strategy, data flow diagrams
|
||||
|
||||
## Phase 2: Security Implementation
|
||||
|
||||
### 3. Backend Security Hardening
|
||||
- Use Task tool with subagent_type="backend-architect"
|
||||
- Prompt: "Implement backend security measures for: $ARGUMENTS. Include authentication, authorization, input validation, and secure data handling based on security audit findings."
|
||||
- Output: Secure API implementations, auth middleware, validation layers
|
||||
|
||||
### 4. Infrastructure Security
|
||||
- Use Task tool with subagent_type="devops-troubleshooter"
|
||||
- Prompt: "Implement infrastructure security for: $ARGUMENTS. Configure firewalls, secure secrets management, implement least privilege access, and set up security monitoring."
|
||||
- Output: Infrastructure security configs, secrets management, monitoring setup
|
||||
|
||||
### 5. Frontend Security
|
||||
- Use Task tool with subagent_type="frontend-developer"
|
||||
- Prompt: "Implement frontend security measures for: $ARGUMENTS. Include CSP headers, XSS prevention, secure authentication flows, and sensitive data handling."
|
||||
- Output: Secure frontend code, CSP policies, auth integration
|
||||
|
||||
## Phase 3: Compliance and Testing
|
||||
|
||||
### 6. Compliance Verification
|
||||
- Use Task tool with subagent_type="security-auditor"
|
||||
- Prompt: "Verify compliance with security standards for: $ARGUMENTS. Check OWASP Top 10, GDPR, SOC2, or other relevant standards. Validate all security implementations."
|
||||
- Output: Compliance report, remediation requirements
|
||||
|
||||
### 7. Security Testing
|
||||
- Use Task tool with subagent_type="test-automator"
|
||||
- Prompt: "Create security test suites for: $ARGUMENTS. Include penetration tests, security regression tests, and automated vulnerability scanning."
|
||||
- Output: Security test suite, penetration test results, CI/CD integration
|
||||
|
||||
## Phase 4: Deployment and Monitoring
|
||||
|
||||
### 8. Secure Deployment
|
||||
- Use Task tool with subagent_type="deployment-engineer"
|
||||
- Prompt: "Implement secure deployment pipeline for: $ARGUMENTS. Include security gates, vulnerability scanning in CI/CD, and secure configuration management."
|
||||
- Output: Secure CI/CD pipeline, deployment security checks, rollback procedures
|
||||
|
||||
### 9. Security Monitoring Setup
|
||||
- Use Task tool with subagent_type="devops-troubleshooter"
|
||||
- Prompt: "Set up security monitoring and incident response for: $ARGUMENTS. Include intrusion detection, log analysis, and automated alerting."
|
||||
- Output: Security monitoring dashboards, alert rules, incident response procedures
|
||||
|
||||
## Coordination Notes
|
||||
- Security findings from each phase inform subsequent implementations
|
||||
- All agents must prioritize security in their recommendations
|
||||
- Regular security reviews between phases ensure nothing is missed
|
||||
- Document all security decisions and trade-offs
|
||||
|
||||
Security hardening target: $ARGUMENTS
|
||||
Reference in New Issue
Block a user