This skill consolidates four security practices into one workflow: STRIDE threat modeling, secure design patterns, OWASP Top 10 code review, and compliance checking for GDPR, HIPAA, SOC2, and PCI-DSS. It's built around the idea that security should be baked in from the start rather than patched in later. You'd reach for this when designing new systems or auditing existing ones, where you need to think through threats, architectural decisions, code vulnerabilities, and regulatory requirements in one pass. The consolidation is smart since these concerns overlap heavily in practice. It comes from daffy0208's ai-dev-standards repo, which has 28 stars and passes security audits across Gen Agent Trust Hub, Socket, and Snyk.
npx skills add https://github.com/daffy0208/ai-dev-standards --skill security-architect