What encryption standards does it recommend?

It promotes AES-256 for data at rest, TLS 1.3 for data in transit, and modern KDFs like Argon2id for password storage.

How does it help with threat modeling?

It identifies architectural weaknesses and trust boundary crossings that directly feed into the threat catalog and security definitions of a formal threat model.

What security patterns does this skill evaluate?

The skill evaluates token handling (JWT, refresh tokens), session management, credential hashing (Argon2id, bcrypt), and both Role-Based and Object-Level access control logic.

Can I use this for cloud infrastructure reviews?

Absolutely. It focuses on trust boundaries and communication between services, making it ideal for reviewing API gateways, backend services, and database connections.

Does this skill provide code examples for fixes?

Yes, it includes 'Correct vs. Wrong' comparisons for authorization logic and references standardized cryptographic algorithm selection tables.

Security Architecture Reviewer

Name: Security Architecture Reviewer
Author: bitwarden

bybitwarden

•

安全与测试

Evaluates system designs for robust authentication, authorization, data protection, and cryptographic correctness.

This skill provides a comprehensive framework for auditing software architecture against modern security standards. It enables Claude to identify secure patterns and common anti-patterns in token handling, session management, and credential storage. By analyzing trust boundaries and authorization logic like RBAC and object-level access control, the skill ensures that applications are built on zero-trust principles. It is particularly useful during design phases or security audits to verify that encryption at rest and in transit meets industry benchmarks like AES-256 and TLS 1.3.

主要功能

01Data protection review for encryption at rest and in transit

02Trust boundary mapping and zero-trust validation between components

03Comprehensive token-based authentication and session management auditing

04Verification of modern credential storage and KDF implementations

053 GitHub stars

06Detailed analysis of RBAC and object-level authorization patterns

使用场景

01Reviewing data access layers to ensure proper object-level ownership checks

02Identifying architectural trust boundaries to inform threat modeling sessions

03Auditing an API's authentication flow to prevent token leakage or session hijacking

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bitwarden/ai-plugins reviewing-security-architecture

For use in Claude.ai and ChatGPT

主要功能

01Data protection review for encryption at rest and in transit

02Trust boundary mapping and zero-trust validation between components

03Comprehensive token-based authentication and session management auditing

04Verification of modern credential storage and KDF implementations

053 GitHub stars

06Detailed analysis of RBAC and object-level authorization patterns

使用场景

01Reviewing data access layers to ensure proper object-level ownership checks

02Identifying architectural trust boundaries to inform threat modeling sessions

03Auditing an API's authentication flow to prevent token leakage or session hijacking

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bitwarden/ai-plugins reviewing-security-architecture

For use in Claude.ai and ChatGPT