From billy-milligan
Guides security architecture for auth/authorization including JWT rotation, OAuth2/OIDC, encryption at-rest/in-transit, OWASP top 10, zero-trust patterns, mTLS, RLS multi-tenancy. Use when designing or reviewing secure services.
How this skill is triggered — by the user, by Claude, or both
Slash command
/billy-milligan:security-architecture
This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
- Designing authentication/authorization for a new service
- references/auth-patterns.md — JWT rotation, sessions, OAuth2/OIDC, API keys, mTLS decision tree
- references/encryption-reference.md — at-rest, in-transit, field-level, KMS/Vault key management
- references/owasp-top-10.md — A01–A05: broken access control, crypto failures, injection, insecure design, misconfiguration
- references/owasp-extended.md — A06–A10: vulnerable components, auth failures, integrity, security logging, SSRF
- references/zero-trust-patterns.md — service mesh, mTLS, SPIFFE/SPIRE, network policies
- assets/security-review-template.md — threat model template: assets, threats, mitigations

npx claudepluginhub rnavarych/alpha-engineer --plugin billy-milligan

Provides guidance on app security: OWASP Top 10, auth/authz (OAuth2/OIDC/JWT/RBAC/ABAC), encryption, passkeys/WebAuthn, Zero Trust, SAST/DAST/SCA, WAF, SIEM, supply chain, compliance. For auth, sensitive data, reviews, architectures.
This skill should be used when the user asks to "review the security architecture", "check authentication patterns", "evaluate trust boundaries", "review encryption implementation", "assess authorization design", or needs to evaluate system designs for authentication, authorization, data protection, or cryptographic correctness.
Design security architecture covering authentication, authorization, data protection, and threat models. Use when building security-critical systems.