Skills
skills/dokhacgiakhoa/antigravity-ide/security-scanning-security-hardening

security-scanning-security-hardening

SKILL.md

Implement comprehensive security hardening with defense-in-depth strategy through coordinated multi-agent orchestration:

[Extended thinking: This workflow implements a defense-in-depth security strategy across all application layers. It coordinates specialized security agents to perform comprehensive assessments, implement layered security controls, and establish continuous security monitoring. The approach follows modern DevSecOps principles with shift-left security, automated scanning, and compliance validation. Each phase builds upon previous findings to create a resilient security posture that addresses both current vulnerabilities and future threats.]

Use this skill when

  • Running a coordinated security hardening program
  • Establishing defense-in-depth controls across app, infra, and CI/CD
  • Prioritizing remediation from scans and threat modeling

Do not use this skill when

  • You only need a quick scan without remediation work
  • You lack authorization for security testing or changes
  • The environment cannot tolerate invasive security controls

Instructions

  1. Execute Phase 1 to establish a security baseline.
  2. Apply Phase 2 remediations for high-risk issues.
  3. Implement Phase 3 controls and validate defenses.
  4. Complete Phase 4 validation and compliance checks.

Safety

  • Avoid intrusive testing in production without approval.
  • Ensure rollback plans exist before hardening changes.

Phase 1: Comprehensive Security Assessment

🧠 Knowledge Modules (Fractal Skills)

1. 1. Initial Vulnerability Scanning

2. 2. Threat Modeling and Risk Analysis

3. 3. Architecture Security Review

4. 4. Critical Vulnerability Fixes

5. 5. Backend Security Hardening

6. 6. Frontend Security Implementation

7. 7. Mobile Security Hardening

8. 8. Authentication and Authorization Enhancement

9. 9. Infrastructure Security Controls

10. 10. Secrets Management Implementation

11. 11. Penetration Testing and Validation

12. 12. Compliance and Standards Verification

13. 13. Security Monitoring and SIEM Integration

Weekly Installs
1
Repository
dokhacgiakhoa/a…vity-ide
GitHub Stars
386
First Seen
14 days ago
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
amp1
cline1
opencode1
cursor1
kimi-cli1
codex1