zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-04-06 01:03:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(rules): add C# language support (#704)

Browse Source 
* feat(rules): add C# language support

* feat: add everything-claude-code ECC bundle (#705)

* feat: add everything-claude-code ECC bundle (.claude/ecc-tools.json)

* feat: add everything-claude-code ECC bundle (.claude/skills/everything-claude-code/SKILL.md)

* feat: add everything-claude-code ECC bundle (.agents/skills/everything-claude-code/SKILL.md)

* feat: add everything-claude-code ECC bundle (.agents/skills/everything-claude-code/agents/openai.yaml)

* feat: add everything-claude-code ECC bundle (.claude/identity.json)

* feat: add everything-claude-code ECC bundle (.codex/agents/explorer.toml)

* feat: add everything-claude-code ECC bundle (.codex/agents/reviewer.toml)

* feat: add everything-claude-code ECC bundle (.codex/agents/docs-researcher.toml)

* feat: add everything-claude-code ECC bundle (.claude/rules/everything-claude-code-guardrails.md)

* feat: add everything-claude-code ECC bundle (.claude/research/everything-claude-code-research-playbook.md)

* feat: add everything-claude-code ECC bundle (.claude/team/everything-claude-code-team-config.json)

* feat: add everything-claude-code ECC bundle (.claude/enterprise/controls.md)

* feat: add everything-claude-code ECC bundle (.claude/commands/database-migration.md)

* feat: add everything-claude-code ECC bundle (.claude/commands/feature-development.md)

* feat: add everything-claude-code ECC bundle (.claude/commands/add-language-rules.md)

---------

Co-authored-by: ecc-tools[bot] <257055122+ecc-tools[bot]@users.noreply.github.com>

* ci: retrigger

---------

Co-authored-by: ecc-tools[bot] <257055122+ecc-tools[bot]@users.noreply.github.com>
This commit is contained in:
Affaan Mustafa
2026-03-20 05:20:23 -07:00
committed by GitHub
parent b77f49569b
commit 40f18885b1
20 changed files with 1659 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
rules/csharp/security.md Normal file
View File

@@ -0,0 +1,58 @@
---
paths:
- "**/*.cs"
- "**/*.csx"
- "**/*.csproj"
- "**/appsettings*.json"
---
# C# Security
> This file extends [common/security.md](../common/security.md) with C#-specific content.
## Secret Management
- Never hardcode API keys, tokens, or connection strings in source code
- Use environment variables, user secrets for local development, and a secret manager in production
- Keep `appsettings.*.json` free of real credentials
```csharp
// BAD
const string ApiKey = "sk-live-123";
// GOOD
var apiKey = builder.Configuration["OpenAI:ApiKey"]
?? throw new InvalidOperationException("OpenAI:ApiKey is not configured.");
```
## SQL Injection Prevention
- Always use parameterized queries with ADO.NET, Dapper, or EF Core
- Never concatenate user input into SQL strings
- Validate sort fields and filter operators before using dynamic query composition
```csharp
const string sql = "SELECT * FROM Orders WHERE CustomerId = @customerId";
await connection.QueryAsync<Order>(sql, new { customerId });
```
## Input Validation
- Validate DTOs at the application boundary
- Use data annotations, FluentValidation, or explicit guard clauses
- Reject invalid model state before running business logic
## Authentication and Authorization
- Prefer framework auth handlers instead of custom token parsing
- Enforce authorization policies at endpoint or handler boundaries
- Never log raw tokens, passwords, or PII
## Error Handling
- Return safe client-facing messages
- Log detailed exceptions with structured context server-side
- Do not expose stack traces, SQL text, or filesystem paths in API responses
## References
See skill: `security-review` for broader application security review checklists.