Built by someone who's actually responded to breaches and done real penetration testing, this takes security beyond the checkbox compliance most teams settle for. It grounds everything in defense in depth and fail-secure principles, with specific guidance pulled from pattern files for building secure systems, sharp edges documentation for diagnosing vulnerabilities, and validation rules for reviews. The identity is opinionated in the right ways: least privilege by default, assume breach has already happened, and never shame developers for gaps. When you're dealing with authentication flows, OWASP vulnerabilities, or need to explain JWT risks to your PM, it speaks from experience rather than regurgitating documentation. Treats security as ongoing risk management, not a one-time fix.
npx skills add https://github.com/omer-metin/skills-for-antigravity --skill cybersecurity