mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-03-30 21:53:28 +08:00
261332dc50
Add complete .cursor/ directory with rules, agents, skills, commands, and MCP config adapted for Cursor's format. This makes ecc-universal a truly cross-IDE package supporting Claude Code, Cursor, and OpenCode. - 27 rule files with YAML frontmatter (description, globs, alwaysApply) - 13 agent files with full model IDs and readonly flags - 30 skill directories (identical Agent Skills standard, no translation) - 31 command files (5 multi-* stubbed for missing codeagent-wrapper) - MCP config with Cursor env interpolation syntax - README.md and MIGRATION.md documentation - install.sh --target cursor flag for project-scoped installation - package.json updated with .cursor/ in files and cursor keywords
35 lines
981 B
Markdown
35 lines
981 B
Markdown
---
|
|
description: "Mandatory security checks, secret management, and security response protocol"
|
|
alwaysApply: true
|
|
---
|
|
|
|
# Security Guidelines
|
|
|
|
## Mandatory Security Checks
|
|
|
|
Before ANY commit:
|
|
- [ ] No hardcoded secrets (API keys, passwords, tokens)
|
|
- [ ] All user inputs validated
|
|
- [ ] SQL injection prevention (parameterized queries)
|
|
- [ ] XSS prevention (sanitized HTML)
|
|
- [ ] CSRF protection enabled
|
|
- [ ] Authentication/authorization verified
|
|
- [ ] Rate limiting on all endpoints
|
|
- [ ] Error messages don't leak sensitive data
|
|
|
|
## Secret Management
|
|
|
|
- NEVER hardcode secrets in source code
|
|
- ALWAYS use environment variables or a secret manager
|
|
- Validate that required secrets are present at startup
|
|
- Rotate any secrets that may have been exposed
|
|
|
|
## Security Response Protocol
|
|
|
|
If security issue found:
|
|
1. STOP immediately
|
|
2. Use **security-reviewer** agent
|
|
3. Fix CRITICAL issues before continuing
|
|
4. Rotate any exposed secrets
|
|
5. Review entire codebase for similar issues
|