This one pushes you to think about security at every layer of development, not just tack it on later. It's organized around five pillars starting with authentication and authorization, covering the fundamentals of who gets in and what they can do once they're there. The core pitch is solid: fixing security bugs in production costs 10x more than catching them during development. If you're building anything that touches user data or needs access controls, this gives you a structured checklist to work through. It's opinionated about security being built in from day one, which honestly more projects need.
npx skills add https://github.com/daffy0208/ai-dev-standards --skill security-engineer