cisco/software-security
A software security skill that integrates with Project CodeGuard to help AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
task.mdevals/scenario-3/
Task: Create Kubernetes Deployment for a Web API
Write Kubernetes manifests for deploying a REST API service called order-service in the ecommerce namespace. The service:
- Uses the image
registry.example.com/order-service:2.1.0 - Listens on port 8080
- Needs to write temporary files to
/tmpfor request processing - Should be accessible only from the
api-gatewayservice in the same namespace - Runs 3 replicas
Create a file called k8s-manifests.yaml containing all necessary Kubernetes resources (Deployment, Service, and any other resources needed). Use production-ready settings.
tessl i cisco/software-security@1.2.5evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
rules
codeguard-0-additional-cryptography.mdcodeguard-0-api-web-services.mdcodeguard-0-authentication-mfa.mdcodeguard-0-authorization-access-control.mdcodeguard-0-client-side-web-security.mdcodeguard-0-cloud-orchestration-kubernetes.mdcodeguard-0-data-storage.mdcodeguard-0-devops-ci-cd-containers.mdcodeguard-0-file-handling-and-uploads.mdcodeguard-0-framework-and-languages.mdcodeguard-0-iac-security.mdcodeguard-0-input-validation-injection.mdcodeguard-0-logging.mdcodeguard-0-mcp-security.mdcodeguard-0-mobile-apps.mdcodeguard-0-privacy-data-protection.mdcodeguard-0-safe-c-functions.mdcodeguard-0-session-management-and-cookies.mdcodeguard-0-supply-chain-security.mdcodeguard-0-xml-and-serialization.mdcodeguard-1-crypto-algorithms.mdcodeguard-1-digital-certificates.mdcodeguard-1-hardcoded-credentials.md