open-source
🔓 Open Source Policy Skill
🎯 Purpose
This skill ensures all open source activities demonstrate security excellence through transparency as defined in the Hack23 Open Source Policy. It applies to all Hack23-owned repositories, external contributions, and third-party open source usage.
Core principle: Open source transparency creates competitive advantage through systematic security excellence and publicly verifiable governance.
📋 Rules
🎖️ Security Posture Evidence (Required Badges)
MUST display these security badges in README.md:
🏆 Security Assessment Badges
- OpenSSF Scorecard: Supply chain security assessment with a score of ≥7.0
- CII Best Practices: At least "Passing" level
- SLSA Level 3: Build provenance and integrity attestation
- Quality Gate: SonarCloud or equivalent showing "Passed" status