Does this skill help with secrets management?

Yes, it specifically helps deploy pre-commit hooks that detect and block hardcoded secrets before they are committed to version control.

Is this skill suitable for existing projects?

Absolutely; it is designed to help both new and existing repositories adopt modern security standards within a structured four-week roadmap.

What is the main goal of the Phase 1 Foundation skill?

It aims to establish a secure development baseline by blocking local security risks and enforcing repository-level merge controls.

How does branch protection work within this skill?

It provides guidance on setting up required reviews and merge constraints to ensure no code enters the main branch without proper authorization.

What are pre-commit hooks in this context?

They are automated scripts that run locally on a developer's machine to validate code quality and security before a git commit is finalized.

SDLC Security Foundation (Phase 1)

Name: SDLC Security Foundation (Phase 1)
Author: adaptive-enforcement-lab

byadaptive-enforcement-lab

0•

安全与测试

Establishes essential SDLC security controls including secrets detection, branch protection, and commit verification to create a secure development environment.

This skill provides domain-specific guidance for implementing the foundational stage of a secure Software Development Life Cycle (SDLC) during the initial phase of a project. It focuses on deploying critical defensive layers such as pre-commit hooks for automated secrets detection, strict branch protection policies with required reviews, and commit signature verification to ensure code integrity. By integrating these automated enforcement patterns, developers can block vulnerabilities at the local source level and prevent unauthorized merges, establishing a robust defense-in-depth strategy from the start.

主要功能

01Organization-wide security policy distribution strategies

020 GitHub stars

03Defense-in-depth implementation for git workflows

04Automated secrets detection via pre-commit hooks

05Cryptographic commit signature verification setup

06Branch protection configuration with mandatory peer reviews

使用场景

01Hardening existing Git repositories against secret leaks and unauthorized code changes

02Standardizing secure development practices across a distributed engineering team

03Bootstrapping security for a new software project or organization

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptive-enforcement-lab/claude-skills phase-1-foundation-weeks-1-4

For use in Claude.ai and ChatGPT

Download Skill