Install: claude install-skill martinffx/atelier
# oracle-security: Security Architecture & Threat Modeling
## When to Use
Auto-invokes when context contains:
- Authentication, authorization, session management
- User input, validation, untrusted data
- External integrations, webhooks, third-party APIs
- File uploads, data processing
- Encryption, hashing, secrets, sensitive data
- Security concerns, vulnerabilities, threats
## The Security Mindset
### Core Principles
1. **Validate at Boundaries** — Every entry point is a trust boundary. Assume everything that crosses it is hostile until proven otherwise.
2. **Never Trust the Client** — Client-side validation, hidden fields, and browser headers are UX conveniences, not security controls. The server is the only security boundary that matters.
3. **Fail Closed** — Deny by default. When in doubt, reject. When validation fails, stop. When auth is uncertain, deny. "Fail open" is an accidental backdoor.
4. **Defense in Depth** — No single control should be the only thing preventing compromise. Layer them so that bypassing one still leaves others.
5. **Least Privilege** — Every component should have the minimum access necessary to do its job, and only for the minimum time required.
6. **Compartmentalize** — A breach in one area should not automatically grant access to everything else. Isolate by function, data sensitivity, and trust level.
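Principles 1 and 3 side by side, as an added example that is not part of the skill itself: the same authorization check written fail-open and fail-closed. All names (`lookup_role`, `RoleLookupError`, the sample users and permissions) are hypothetical and constructed for illustration.

```python
class RoleLookupError(Exception):
    """Role backend unreachable (hypothetical error type for this example)."""

# Constructed sample data: role -> permitted actions, and user -> role.
PERMISSIONS = {"admin": {"read", "write", "delete"}, "viewer": {"read"}}
USER_ROLES = {"alice": "admin", "bob": "viewer"}

def lookup_role(user, backend_up=True):
    """Stand-in for a call to an identity service that can fail."""
    if not backend_up:
        raise RoleLookupError("identity service timeout")
    return USER_ROLES[user]  # raises KeyError for unknown users

def authorize_fail_open(user, action, backend_up=True):
    """Anti-pattern: any error on the auth path is treated as 'allow'."""
    try:
        role = lookup_role(user, backend_up)
        if action not in PERMISSIONS[role]:
            return False
    except Exception:
        pass  # outage or unknown user silently falls through
    return True

def authorize_fail_closed(user, action, backend_up=True):
    """Deny by default: only an explicit, fully evaluated match returns True."""
    allowed = False
    # Validate at the boundary: reject input that is not the expected type.
    if not isinstance(user, str) or not isinstance(action, str):
        return False
    try:
        role = lookup_role(user, backend_up)
        allowed = action in PERMISSIONS.get(role, set())
    except (RoleLookupError, KeyError):
        allowed = False  # uncertain auth is a denial, not a pass
    return allowed

def compare(user, action, backend_up=True):
    """Return (fail_open_result, fail_closed_result) for one request."""
    return (authorize_fail_open(user, action, backend_up),
            authorize_fail_closed(user, action, backend_up))
```

The two versions agree while the backend is healthy and the user is known; they diverge only on the error paths, which is why fail-open defects tend to survive normal testing.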
### The Trust Boundary Model
```
External World → [Trust Boundary] → Internal System
↑