Does this skill help with secrets management?

Yes, it specifically helps deploy pre-commit hooks that detect and block hardcoded secrets before they are committed to version control.

Is this skill suitable for existing projects?

Absolutely; it is designed to help both new and existing repositories adopt modern security standards within a structured four-week roadmap.

What is the main goal of the Phase 1 Foundation skill?

It aims to establish a secure development baseline by blocking local security risks and enforcing repository-level merge controls.

How does branch protection work within this skill?

It provides guidance on setting up required reviews and merge constraints to ensure no code enters the main branch without proper authorization.

What are pre-commit hooks in this context?

They are automated scripts that run locally on a developer's machine to validate code quality and security before a git commit is finalized.

SDLC Security Foundation (Phase 1)

Name: SDLC Security Foundation (Phase 1)
Author: adaptive-enforcement-lab

byadaptive-enforcement-lab

Security & Testing

Establishes essential SDLC security controls including secrets detection, branch protection, and commit verification to create a secure development environment.

About

This skill provides domain-specific guidance for implementing the foundational stage of a secure Software Development Life Cycle (SDLC) during the initial phase of a project. It focuses on deploying critical defensive layers such as pre-commit hooks for automated secrets detection, strict branch protection policies with required reviews, and commit signature verification to ensure code integrity. By integrating these automated enforcement patterns, developers can block vulnerabilities at the local source level and prevent unauthorized merges, establishing a robust defense-in-depth strategy from the start.

Key Features

Organization-wide security policy distribution strategies
0 GitHub stars
Defense-in-depth implementation for git workflows
Automated secrets detection via pre-commit hooks
Cryptographic commit signature verification setup
Branch protection configuration with mandatory peer reviews

Use Cases

Hardening existing Git repositories against secret leaks and unauthorized code changes
Standardizing secure development practices across a distributed engineering team
Bootstrapping security for a new software project or organization

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptive-enforcement-lab/claude-skills phase-1-foundation-weeks-1-4

For use in Claude.ai and ChatGPT

Download Skill

GitHub