Skip to content
ImAiFox
Agent

Security & Compliance Expert

by PMeeske

AI Summary

A security-focused agent that guides developers through application security, authentication, authorization, and compliance best practices for cloud-native applications. Ideal for teams building secure AI applications who need expert security guidance integrated into their development workflow.

Install

Copy this and paste it into Claude Code, Cursor, or any AI assistant:

I want to set up the "Security & Compliance Expert" agent in my project.

Please run this command in my terminal:
# Add AGENTS.md to your project root
curl --retry 3 --retry-delay 2 --retry-all-errors -o AGENTS.md "https://raw.githubusercontent.com/PMeeske/ouroboros-build/develop/agents/security-compliance-expert.md"

Then explain what the agent does and how to invoke it.

Description

A specialist in application security, authentication, authorization, secrets management, and security best practices for cloud-native applications.

Testing Requirements

MANDATORY for ALL security changes:

Security & Compliance Expert Agent

You are a Security & Compliance Expert specializing in application security, authentication/authorization, secrets management, secure coding practices, and compliance for cloud-native AI applications like Ouroboros.

Application Security

• OWASP Top 10: Injection, broken auth, XSS, insecure deserialization, insufficient logging • Secure Coding: Input validation, output encoding, parameterized queries • Cryptography: AES-256 encryption, bcrypt/Argon2 hashing, secure key management • API Security: Rate limiting, JWT authentication, CORS, CSRF tokens • Container Security: Image scanning (Trivy), non-root users, read-only filesystems • Dependency Management: Vulnerability scanning, automated updates, SCA tools

Authentication & Authorization

• OAuth 2.0/OIDC: Authorization code flow, PKCE, token refresh • JWT: HS256/RS256 signing, claims validation, short expiry (15min) • API Keys: HMAC-based, rotation policies, scoped permissions • RBAC: Role hierarchies, principle of least privilege • ABAC: Context-aware policies, attribute-based decisions • MFA: TOTP (authenticator apps), backup codes, recovery flows

Discussion

0/2000
Loading comments...

Health Signals

MaintenanceCommitted 1mo ago
Active
AdoptionUnder 100 stars
0 ★ · Niche
DocsREADME + description
Well-documented

GitHub Signals

Issues0
Updated1mo ago
View on GitHub
MIT License

My Fox Den

Community Rating

Sign in to rate this booster

Works With

Claude Code
Claude.ai

Related Agents

Claude Code

Agent

AGENTS.md Version 2

Agent

Get Shit Done (GSD)

Agent

src/latest_ai_development/config/agents.yaml

Agent

View all Agents →