Name: cisco/software-security
Author: cisco

CtrlK

Community Documentation Log in Get started

cisco/software-security

A software security skill that integrates with Project CodeGuard to help AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.

83%

Average

Review — 82%

Quality of skill definitions

Evaluation — 84%

↑ 1.79x

Agent success when using this tile

Assessment results

10%

Task: Implement User Registration Endpoint

Criteria

Without context

With context

Uses Argon2id

No hardcoded secrets

60%

100%

Parameterized SQL

100%

Unique salt per user

100%

30%

Task: Implement a Log Line Parser in C

Criteria

Without context

With context

No unsafe string functions

100%

Uses snprintf

Null termination

100%

Security compiler flags

100%

25%

Task: Create Kubernetes Deployment for a Web API

Criteria

Without context

With context

Non-root user

100%

Drop ALL capabilities

100%

Read-only root filesystem

100%

Default-deny network policy

100%

Resource limits set

100%

45%

Task: Create Terraform Configuration for a Web Application Stack

Criteria

Without context

With context

No open SSH access

100%

No public database

100%

IMDSv2 enforced

100%

No IAM wildcard actions

100%

Sensitive values marked

100%

75%

Task: Implement Login and Session Handling for an Express.js App

Criteria

Without context

With context

SameSite Strict

100%

Idle timeout configured

100%

Session regeneration on login

100%

Nonce-based CSP

HttpOnly and Secure flags

100%

tessl i cisco/software-security@1.2.5

Evaluated

4 days ago

Agent

Claude Code

Table of Contents

Task: Implement User Registration Endpoint Task: Implement a Log Line Parser in C Task: Create Kubernetes Deployment for a Web API Task: Create Terraform Configuration for a Web Application Stack Task: Implement Login and Session Handling for an Express.js App