This is your go-to when you're writing backend code where security can't be an afterthought. It covers the practical stuff: input validation, parameterized queries, JWT handling, CSRF tokens, secure headers, and API rate limiting. The source distinguishes it from a security auditor by focusing on actual implementation rather than high-level assessments. It's strong on defensive patterns like allowlisting, context-aware encoding, and secrets management across different infrastructure. The behavioral traits section is worth skimming because it pushes you toward secure defaults and defense-in-depth thinking. Useful whether you're building authentication from scratch or reviewing code for common vulnerabilities like SQL injection or SSRF.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill backend-security-coder