coder-csharp-security by ozerohax/assistagents

<skill_overview> Reduce security risk with safe APIs, validation, and proper crypto usage Validating external input Working with secrets or tokens Using cryptography APIs Designing secure defaults Secure Coding Guidelines Cryptography Model </skill_overview> <input_validation> Validate all input from untrusted sources Prefer allow-lists over deny-lists Fail fast with clear validation errors </input_validation> <secrets_handling> Never hardcode secrets in source code Do not log secrets or tokens Use environment variables or secret stores for secrets </secrets_handling> Use high-level algorithms: Aes, HMACSHA256/512, RSA/ECDsa Use RandomNumberGenerator for secure randomness Prefer one-shot hashing APIs for simplicity using System.Security.Cryptography;

byte[] bytes = new byte[32]; RandomNumberGenerator.Fill(bytes); <unsafe_apis> Avoid BinaryFormatter and other obsolete serializers Prefer safe serializers with explicit schemas </unsafe_apis> <anti_patterns> Storing secrets in string literals Using Random for security tokens Trusting external input without validation </anti_patterns>