This is a comprehensive security reference that surfaces 20 rules across authentication, OWASP Top 10, LLM safety, and PII masking whenever you're working in auth, middleware, or other security-related code paths. It ships with a pre-tool hook that blocks dangerous bash commands and includes practical snippets for Argon2id password hashing, JWT generation with 15-minute expiry, Zod schema validation, and Langfuse PII masking. The LLM safety section is especially thorough: it enforces context separation, so sensitive IDs flow around the model rather than through it, and adds a four-stage output validation pipeline. If you're building anything that touches user credentials, handles untrusted input, or integrates LLMs into production workflows, this gives you opinionated guardrails and code samples that default to the paranoid choice.
npx skills add https://github.com/yonatangross/orchestkit --skill security-patterns