This is your deployment security checklist in skill form. It tells you exactly when to apply rate limiting versus CSRF protection, walks through the full environment variable setup for Clerk and Convex projects, and gives you a pre-deployment checklist you can actually run through. The decision matrix for middleware combinations is genuinely useful because it's easy to over-apply or under-apply protections. The environment variable section is thorough, including the actual commands to generate secrets and a validation function you can drop into your config. If you're deploying a Next.js app with authentication and want to avoid the usual "did I forget to set that env var" panic, this covers the operational stuff that doesn't fit in other security skills.
npx skills add https://github.com/harperaa/secure-claude-skills --skill security-operations-deployment