dpnmw/agents
1
0
Fork 0
mirror of https://github.com/wshobson/agents.git synced 2026-03-18 09:37:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1072d9278eda815f1af676c31e234980e83e22bd
agents/workflows/security-hardening.md
Seth Hobson 3802bca865 Refine plugin marketplace for launch readiness 
Plugin Scope Improvements:
- Remove language-specialists plugin (not task-focused)
- Split specialized-domains into 5 focused plugins:
  * blockchain-web3 - Smart contract development only
  * quantitative-trading - Financial modeling and trading only
  * payment-processing - Payment gateway integration only
  * game-development - Unity and Minecraft only
  * accessibility-compliance - WCAG auditing only
- Split business-operations into 3 focused plugins:
  * business-analytics - Metrics and reporting only
  * hr-legal-compliance - HR and legal docs only
  * customer-sales-automation - Support and sales workflows only
- Fix infrastructure-devops scope:
  * Remove database concerns (db-migrate, database-admin)
  * Remove observability concerns (observability-engineer)
  * Move slo-implement to incident-response
  * Focus purely on container orchestration (K8s, Docker, Terraform)
- Fix customer-sales-automation scope:
  * Remove content-marketer (unrelated to customer/sales workflows)

Marketplace Statistics:
- Total plugins: 27 (was 22)
- Tool coverage: 100% (42/42 tools referenced)
- Fat plugins removed: 3 (language-specialists, specialized-domains, business-operations)
- All plugins now have clear, focused tasks

Model Migration:
- Migrate all 42 tools from claude-sonnet-4-0/opus-4-1 to model: sonnet
- Migrate all 15 workflows from claude-opus-4-1 to model: sonnet
- Use short model syntax consistent with agent files

Documentation Updates:
- Update README.md with refined plugin structure
- Update plugin descriptions to be task-focused
- Remove anthropomorphic and marketing language
- Improve category organization (now 16 distinct categories)

Ready for October 9, 2025 @ 9am PST launch
2025-10-08 20:54:29 -04:00

3.6 KiB
Raw Blame History

model
model
sonnet

Implement security-first architecture and hardening measures with coordinated agent orchestration:

[Extended thinking: This workflow prioritizes security at every layer of the application stack. Multiple agents work together to identify vulnerabilities, implement secure patterns, and ensure compliance with security best practices.]

Phase 1: Security Assessment

1. Initial Security Audit

  • Use Task tool with subagent_type="security-auditor"
  • Prompt: "Perform comprehensive security audit on: $ARGUMENTS. Identify vulnerabilities, compliance gaps, and security risks across all components."
  • Output: Vulnerability report, risk assessment, compliance gaps

2. Architecture Security Review

  • Use Task tool with subagent_type="backend-architect"
  • Prompt: "Review and redesign architecture for security: $ARGUMENTS. Focus on secure service boundaries, data isolation, and defense in depth. Use findings from security audit."
  • Output: Secure architecture design, service isolation strategy, data flow diagrams

Phase 2: Security Implementation

3. Backend Security Hardening

  • Use Task tool with subagent_type="backend-architect"
  • Prompt: "Implement backend security measures for: $ARGUMENTS. Include authentication, authorization, input validation, and secure data handling based on security audit findings."
  • Output: Secure API implementations, auth middleware, validation layers

4. Infrastructure Security

  • Use Task tool with subagent_type="devops-troubleshooter"
  • Prompt: "Implement infrastructure security for: $ARGUMENTS. Configure firewalls, secure secrets management, implement least privilege access, and set up security monitoring."
  • Output: Infrastructure security configs, secrets management, monitoring setup

5. Frontend Security

  • Use Task tool with subagent_type="frontend-developer"
  • Prompt: "Implement frontend security measures for: $ARGUMENTS. Include CSP headers, XSS prevention, secure authentication flows, and sensitive data handling."
  • Output: Secure frontend code, CSP policies, auth integration

Phase 3: Compliance and Testing

6. Compliance Verification

  • Use Task tool with subagent_type="security-auditor"
  • Prompt: "Verify compliance with security standards for: $ARGUMENTS. Check OWASP Top 10, GDPR, SOC2, or other relevant standards. Validate all security implementations."
  • Output: Compliance report, remediation requirements

7. Security Testing

  • Use Task tool with subagent_type="test-automator"
  • Prompt: "Create security test suites for: $ARGUMENTS. Include penetration tests, security regression tests, and automated vulnerability scanning."
  • Output: Security test suite, penetration test results, CI/CD integration

Phase 4: Deployment and Monitoring

8. Secure Deployment

  • Use Task tool with subagent_type="deployment-engineer"
  • Prompt: "Implement secure deployment pipeline for: $ARGUMENTS. Include security gates, vulnerability scanning in CI/CD, and secure configuration management."
  • Output: Secure CI/CD pipeline, deployment security checks, rollback procedures

9. Security Monitoring Setup

  • Use Task tool with subagent_type="devops-troubleshooter"
  • Prompt: "Set up security monitoring and incident response for: $ARGUMENTS. Include intrusion detection, log analysis, and automated alerting."
  • Output: Security monitoring dashboards, alert rules, incident response procedures

Coordination Notes

  • Security findings from each phase inform subsequent implementations
  • All agents must prioritize security in their recommendations
  • Regular security reviews between phases ensure nothing is missed
  • Document all security decisions and trade-offs

Security hardening target: $ARGUMENTS

Reference in New Issue View Git Blame Copy Permalink