agents/workflows/security-hardening.md
Seth Hobson ce7a5938c1 Consolidate workflows and tools from commands repository
Repository Restructure:
- Move all 83 agent .md files to agents/ subdirectory
- Add 15 workflow orchestrators from commands repo to workflows/
- Add 42 development tools from commands repo to tools/
- Update README for unified repository structure

This prepares the repository for unified plugin marketplace integration.
The commands repository functionality is now fully integrated, providing
complete workflow orchestration and development tooling alongside agents.

Directory Structure:
- agents/    - 83 specialized AI agents
- workflows/ - 15 multi-agent orchestration commands
- tools/     - 42 focused development utilities

No breaking changes to agent functionality - all agents remain accessible
with same names and behavior. Adds workflow and tool commands for enhanced
multi-agent coordination capabilities.
2025-10-08 08:25:17 -04:00

3.6 KiB

model: claude-opus-4-1

Implement security-first architecture and hardening measures with coordinated agent orchestration:

[Extended thinking: This workflow prioritizes security at every layer of the application stack. Multiple agents work together to identify vulnerabilities, implement secure patterns, and ensure compliance with security best practices.]

Phase 1: Security Assessment

1. Initial Security Audit

  • Use Task tool with subagent_type="security-auditor"
  • Prompt: "Perform comprehensive security audit on: $ARGUMENTS. Identify vulnerabilities, compliance gaps, and security risks across all components."
  • Output: Vulnerability report, risk assessment, compliance gaps

2. Architecture Security Review

  • Use Task tool with subagent_type="backend-architect"
  • Prompt: "Review and redesign architecture for security: $ARGUMENTS. Focus on secure service boundaries, data isolation, and defense in depth. Use findings from security audit."
  • Output: Secure architecture design, service isolation strategy, data flow diagrams

Phase 2: Security Implementation

3. Backend Security Hardening

  • Use Task tool with subagent_type="backend-architect"
  • Prompt: "Implement backend security measures for: $ARGUMENTS. Include authentication, authorization, input validation, and secure data handling based on security audit findings."
  • Output: Secure API implementations, auth middleware, validation layers

4. Infrastructure Security

  • Use Task tool with subagent_type="devops-troubleshooter"
  • Prompt: "Implement infrastructure security for: $ARGUMENTS. Configure firewalls, secure secrets management, implement least privilege access, and set up security monitoring."
  • Output: Infrastructure security configs, secrets management, monitoring setup

5. Frontend Security

  • Use Task tool with subagent_type="frontend-developer"
  • Prompt: "Implement frontend security measures for: $ARGUMENTS. Include CSP headers, XSS prevention, secure authentication flows, and sensitive data handling."
  • Output: Secure frontend code, CSP policies, auth integration

Phase 3: Compliance and Testing

6. Compliance Verification

  • Use Task tool with subagent_type="security-auditor"
  • Prompt: "Verify compliance with security standards for: $ARGUMENTS. Check OWASP Top 10, GDPR, SOC2, or other relevant standards. Validate all security implementations."
  • Output: Compliance report, remediation requirements

7. Security Testing

  • Use Task tool with subagent_type="test-automator"
  • Prompt: "Create security test suites for: $ARGUMENTS. Include penetration tests, security regression tests, and automated vulnerability scanning."
  • Output: Security test suite, penetration test results, CI/CD integration

Phase 4: Deployment and Monitoring

8. Secure Deployment

  • Use Task tool with subagent_type="deployment-engineer"
  • Prompt: "Implement secure deployment pipeline for: $ARGUMENTS. Include security gates, vulnerability scanning in CI/CD, and secure configuration management."
  • Output: Secure CI/CD pipeline, deployment security checks, rollback procedures

9. Security Monitoring Setup

  • Use Task tool with subagent_type="devops-troubleshooter"
  • Prompt: "Set up security monitoring and incident response for: $ARGUMENTS. Include intrusion detection, log analysis, and automated alerting."
  • Output: Security monitoring dashboards, alert rules, incident response procedures

Coordination Notes

  • Security findings from each phase inform subsequent implementations
  • All agents must prioritize security in their recommendations
  • Regular security reviews between phases ensure nothing is missed
  • Document all security decisions and trade-offs

Security hardening target: $ARGUMENTS
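
A structural check for the workflow above, as an added example that is not part of the original file or the repository. It parses the numbered steps in the layout shown here and flags any step whose subagent_type is not one of the six agents this workflow names, whose prompt omits $ARGUMENTS, or that has no Output line; the function names, the sample text and the audit-first rule are assumptions of this example.

```python
import re

# Agent names as they appear in the nine steps of this workflow.
KNOWN_AGENTS = {"security-auditor", "backend-architect", "devops-troubleshooter",
                "frontend-developer", "test-automator", "deployment-engineer"}
STEP = re.compile(r"^(\d+)\. (.+)$")
AGENT = re.compile(r'subagent_type="([^"]+)"')

# Constructed input: step 1 is well formed, step 2 is deliberately broken.
SAMPLE = '''Phase 1: Security Assessment
1. Initial Security Audit
  • Use Task tool with subagent_type="security-auditor"
  • Prompt: "Perform comprehensive security audit on: $ARGUMENTS."
  • Output: Vulnerability report, risk assessment, compliance gaps
2. Architecture Security Review
  • Use Task tool with subagent_type="backend-architct"
  • Prompt: "Review and redesign architecture for security."
'''

def parse_workflow(text):
    """Return one dict per numbered step with its agent, prompt and output."""
    steps = []
    for raw in text.splitlines():
        line = raw.strip().lstrip("#•-* ")  # tolerate markdown or rendered bullets
        if m := STEP.match(line):
            steps.append({"n": int(m.group(1)), "title": m.group(2),
                          "agent": None, "prompt": None, "output": None})
        elif steps and line.startswith("Prompt:"):
            steps[-1]["prompt"] = line[7:].strip().strip('"')
        elif steps and line.startswith("Output:"):
            steps[-1]["output"] = line[7:].strip()
        elif steps and (m := AGENT.search(line)):
            steps[-1]["agent"] = m.group(1)
    return steps

def lint(steps):
    """List structural problems that would leave a step without agent, target or output."""
    problems = []
    for st in steps:
        if st["agent"] not in KNOWN_AGENTS:
            problems.append(f"step {st['n']}: unknown or missing subagent_type {st['agent']!r}")
        if "$ARGUMENTS" not in (st["prompt"] or ""):
            problems.append(f"step {st['n']}: prompt never names the $ARGUMENTS target")
        if not st["output"]:
            problems.append(f"step {st['n']}: no Output line for later phases to consume")
    # Assumption of this example: later steps build on audit findings, so the audit runs first.
    if steps and steps[0]["agent"] != "security-auditor":
        problems.append("workflow does not open with the security-auditor audit")
    return problems
```

Calling `lint(parse_workflow(text))` on the workflow file returns an empty list when every step is complete, which makes it usable as a pre-merge check on workflow edits.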