security-authorization
Security Authorization
Overview
Use this skill to build authorization systems that enforce least privilege across APIs, UI actions, and background jobs.
Scope Boundaries
- Role/permission models are being introduced or revised.
- Resource-scoped access control must be consistent across services.
- Privileged workflows require explicit separation-of-duty controls.
Templates And Assets
- Authorization policy matrix:
assets/authorization-policy-matrix-template.md
Inputs To Gather
- Actor categories, resources, and sensitive actions.
- Data classification and tenant or domain boundaries.
- Existing policy model and enforcement points (API gateway, service layer, DB layer).
- Abuse scenarios (horizontal/vertical privilege escalation, confused deputy, missing object-level checks).
Deliverables
- Authorization model (RBAC, ABAC, ReBAC, or hybrid) with policy decision rules.
- Enforcement map (where decisions are made and where they are enforced).
- Default-deny and exception policy with break-glass controls.
- Verification plan for privilege escalation and cross-tenant isolation tests.
Workflow
- Enumerate subject-action-resource tuples and fill
assets/authorization-policy-matrix-template.md. - Select model based on change frequency, policy complexity, and auditability requirements.
- Define canonical policy evaluation order and conflict resolution rules.
- Ensure object-level authorization is checked server-side for every mutable/read-sensitive path.
- Specify admin and break-glass flows with time limits, approval, and audit logging.
- Validate policy propagation consistency across UI hints and backend enforcement.
- Run abuse-case tests for IDOR, privilege creep, and stale privilege revocation.
Quality Standard
- Authorization decisions are default-deny and centrally explainable.
- Every privileged operation has a single source of policy truth.
- Policy updates are auditable and revocation latency is acceptable.
- Cross-tenant and cross-domain boundaries are explicitly tested.
Failure Conditions
- Stop when enforcement relies on client-side checks.
- Stop when policy conflicts are unresolved or implicit.
- Escalate when least-privilege requirements cannot be implemented without structural change.
More from kentoshimizu/sw-agent-skills
graph-algorithms
Graph algorithm workflow for modeling entities/relations and selecting traversal, path, ordering, or flow strategies. Use when correctness or performance depends on graph representation and algorithm choice; do not use for schema-only modeling or deployment topology planning.
14bash-style-guide
Style, review, and refactoring standards for Bash shell scripting. Trigger when `.sh` files, files with `#!/usr/bin/env bash` or `#!/bin/bash`, or CI workflow blocks with `shell: bash` are created, modified, or reviewed and Bash-specific quality controls (quoting safety, error handling, portability, readability) must be enforced. Do not use for generic POSIX `sh`, PowerShell, or language-specific application style rules. In multi-language pull requests, run together with other applicable `*-style-guide` skills.
11architecture-clean-architecture
Clean Architecture workflow for enforcing dependency direction, stable domain boundaries, and use-case-centered application design. Use when teams must separate business rules from frameworks and delivery mechanisms; do not use for isolated module cleanup without boundary implications.
11powershell-style-guide
Style, review, and refactoring standards for PowerShell scripting. Trigger when `.ps1`, `.psm1`, `.psd1` files, or CI workflow blocks with `shell: pwsh` or `shell: powershell` are created, modified, or reviewed and PowerShell-specific quality controls (error handling, parameter validation, readability, operational safety) must be enforced. Do not use for Bash, generic POSIX `sh`, or language-specific application style rules. In multi-language pull requests, run together with other applicable `*-style-guide` skills.
10github-codeowners-management
Govern CODEOWNERS rules so review routing reflects real ownership and risk boundaries on GitHub. Use when repository ownership mapping or mandatory reviewer rules must be defined, updated, or audited; do not use for non-GitHub runtime architecture or data-layer design.
9security-authentication
Security workflow for authentication architecture, credential lifecycle, and session/token assurance. Use when login, identity proofing, MFA, or session security decisions are required; do not use for authorization policy design or non-security quality tuning.
9