A production-ready reference for building secure applications, aligned with OWASP Top 10:2025 and NIST SSDF. Use it when implementing authentication systems, handling user input that could trigger injection attacks, designing secure APIs, or conducting security reviews. It covers passkeys/WebAuthn as the primary authentication method for 2026, parameterized queries for SQL injection prevention, and the new OWASP categories such as supply chain failures. The quick reference tables are genuinely useful: an authentication decision matrix, cryptographic implementation patterns, and breach cost data for justifying security work to management. Best for application security work, not infrastructure hardening or compliance-only questions.
npx skills add https://github.com/vasilyu1983/ai-agents-public --skill software-security-appsec