cisco/software-security
A software security skill that integrates with Project CodeGuard to help AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
84
Quality
84%
Does it follow best practices?
Impact
84%
1.78xAverage score across 5 eval scenarios
Passed
No known issues
Evaluation results
65%
10%Task: Implement User Registration Endpoint
Uses Argon2id
0%
0%
No hardcoded secrets
60%
100%
Parameterized SQL
100%
100%
Unique salt per user
100%
100%
80%
30%Task: Implement a Log Line Parser in C
No unsafe string functions
100%
100%
Uses snprintf
0%
0%
Null termination
100%
100%
Security compiler flags
0%
100%
100%
25%Task: Create Kubernetes Deployment for a Web API
Non-root user
100%
100%
Drop ALL capabilities
100%
100%
Read-only root filesystem
100%
100%
Default-deny network policy
0%
100%
Resource limits set
100%
100%
100%
45%Task: Create Terraform Configuration for a Web Application Stack
No open SSH access
0%
100%
No public database
100%
100%
IMDSv2 enforced
0%
100%
No IAM wildcard actions
100%
100%
Sensitive values marked
100%
100%
75%
75%Task: Implement Login and Session Handling for an Express.js App
SameSite Strict
0%
100%
Idle timeout configured
0%
100%
Session regeneration on login
0%
100%
Nonce-based CSP
0%
0%
HttpOnly and Secure flags
0%
100%
Install with Tessl CLI
npx tessl i cisco/software-security@1.2.5- Evaluated
- Agent
- Claude Code
- Model
- Claude Sonnet 4.6