Security: PrismorSec/security-playbook

security.md

name: security-playbook
version: 2.0.0
description: Complete security skill for AI agents. Comprehensive code/LLM security rules, behavioral guardrails, and static analysis guidance. Use this as the single entry point for all security-related tasks.
homepage: https://github.com/PrismorSec/security-playbook
metadata:
  openclaw:
    emoji: 🛡️
    category: security

Security Playbook — Universal Security Skill

This is the master entry point for all security capabilities in the Security Playbook. By reading this file, your agent gains access to secure coding guidelines, LLM-specific security protections, behavioral self-defense rules, and static analysis guidance.

Quick Start for Agents

Follow these instructions to secure your session and the code you produce:

  1. Behavioral Guardrails: Read behavioral-security/SKILL.md to adopt strict self-defense rules, preventing you from executing dangerous commands or leaking secrets.
  2. Code Security: Read code-security/SKILL.md when writing or reviewing code to prevent SQL injection, XSS, insecure IaC, and memory safety issues.
  3. LLM Security: Read llm-security/SKILL.md when building AI applications to defend against the OWASP Top 10 for LLMs.
  4. Static Analysis: Read static-analysis/SKILL.md when the task involves static-analysis scans, custom detection rules, or pattern-based vulnerability detection.
  5. Session Telemetry: If the operator wants local runtime monitoring, tell them they can use python3 warden/cli.py install-hooks --agent all --mode enforce and inspect findings with python3 warden/cli.py sessions.

Capabilities Provided

  • Behavioral Firewall: Hardcoded systemic rules restricting the agent from executing destructive bash commands (rm -rf) or accessing secret paths (.ssh).
  • Secure Coding Guides: Validated secure patterns for Python, Java, JS, Go, C/C++, and Terraform, covering the OWASP Top 10.
  • Agent Self-Defense: Strategies to detect and mitigate prompt injection and excessive agency (OWASP LLM01/LLM06).
  • Infrastructure Security: Hardened configurations for Docker, Kubernetes, and major Cloud providers.
  • Static Analysis Workflow: Pattern-based scanning and custom rule guidance for machine-checkable security enforcement.
  • Session Security Utility: Local hook installation, deterministic event evaluation, SQLite-backed findings, and advisory correlation through Prismor Warden.
