zsp/everything-claude-code

mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-03-30 13:43:26 +08:00

Files

park-kyungchan 1bd68ff534 feat(ecc): prune plugin 43→12 items, promote 7 rules to .claude/rules/ (#245 )

ECC community plugin pruning: removed 530+ non-essential files
(.cursor/, .opencode/, docs/ja-JP, docs/zh-CN, docs/zh-TW,
language-specific skills/agents/rules). Retained 4 agents,
3 commands, 5 skills. Promoted 13 rule files (8 common + 5
typescript) to .claude/rules/ for CC native loading. Extracted
reusable patterns to EXTRACTED-PATTERNS.md.

2026-02-19 22:34:51 -08:00

862 B

Raw Blame History

Security Guidelines

Mandatory Security Checks

Before ANY commit:

No hardcoded secrets (API keys, passwords, tokens)
All user inputs validated
SQL injection prevention (parameterized queries)
XSS prevention (sanitized HTML)
CSRF protection enabled
Authentication/authorization verified
Rate limiting on all endpoints
Error messages don't leak sensitive data

Secret Management

NEVER hardcode secrets in source code
ALWAYS use environment variables or a secret manager
Validate that required secrets are present at startup
Rotate any secrets that may have been exposed

Security Response Protocol

If security issue found:

STOP immediately
Use security-reviewer agent
Fix CRITICAL issues before continuing
Rotate any exposed secrets
Review entire codebase for similar issues