
Security Heuristics
A mental checklist and verification framework for evaluating the security of external skills, code, and integrations before installation. It provides systematic inspection patterns, provenance verification, and a risk assessment methodology to prevent supply chain attacks and malicious code execution.
🚀 Security Heuristics is your mental checklist before installing any external skill or code. It guides you through inspecting files, searching for danger patterns like suspicious commands, verifying who created it, and asking critical questions about necessity and permissions. When in doubt, the default answer is always no.
💡 Use this skill whenever you're considering adding a new tool, integration, or script to your system. It's essential for protecting against supply chain attacks, credential theft, and malicious code hiding in seemingly helpful applications. Perfect for non-technical users who need confidence that what they're installing is safe.
✨ This skill embodies skepticism as security—popularity and download counts mean nothing. You get a straightforward framework to verify provenance, assess risk, and make informed decisions without needing coding expertise.