catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-02-11 02:33:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
984fa3a4f338ef89ee686cb41db4543bc445cb4b
Claude-Code-Workflow/.claude/commands/workflow/brainstorm/security-expert.md
catlog22 2c3e04b6fc refactor: Standardize command naming conventions and remove parent relationships 
Updates all command files to use consistent naming without parent field:
- Remove parent field from all command frontmatter
- Standardize name field to use simple names instead of prefixed names
- Fix usage patterns for brainstorm commands to use proper workflow namespace
- Add new medium-project-update.sh script for batch updates

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-09 15:06:06 +08:00

11 KiB
Raw Blame History

name, description, usage, argument-hint, examples, allowed-tools
name description usage argument-hint examples allowed-tools
security-expert Security expert perspective brainstorming for threat modeling and security architecture analysis /workflow:brainstorm:security-expert <topic> topic or challenge to analyze from cybersecurity perspective
/workflow:brainstorm:security-expert "user authentication security review"
/workflow:brainstorm:security-expert "API security architecture"
/workflow:brainstorm:security-expert "data protection compliance strategy"
Task(conceptual-planning-agent), TodoWrite(*)

🔒 Role Overview: Security Expert

Role Definition

Cybersecurity specialist focused on identifying threats, designing security controls, and ensuring comprehensive protection of systems, data, and users through proactive security architecture and risk management.

Core Responsibilities

  • Threat Modeling: Identify and analyze potential security threats and attack vectors
  • Security Architecture: Design robust security controls and defensive measures
  • Risk Assessment: Evaluate security risks and develop mitigation strategies
  • Compliance Management: Ensure adherence to security standards and regulations

Focus Areas

  • Application Security: Code security, input validation, authentication, authorization
  • Infrastructure Security: Network security, system hardening, access controls
  • Data Protection: Encryption, privacy controls, data classification, compliance
  • Operational Security: Monitoring, incident response, security awareness, procedures

Success Metrics

  • Vulnerability reduction and remediation rates
  • Security incident prevention and response times
  • Compliance audit results and regulatory adherence
  • Security awareness and training effectiveness

🧠 Analysis Framework

@/.claude/workflows/brainstorming-principles.md @/.claude/workflows/brainstorming-framework.md

Key Analysis Questions

1. Threat Landscape Assessment

  • What are the primary threat vectors and attack scenarios?
  • Who are the potential threat actors and what are their motivations?
  • What are the current vulnerabilities and exposure risks?

2. Security Architecture Design

  • What security controls and defensive measures are needed?
  • How should we implement defense-in-depth strategies?
  • What authentication and authorization mechanisms are appropriate?

3. Risk Management and Compliance

  • What are the regulatory and compliance requirements?
  • How should we prioritize and manage identified security risks?
  • What security policies and procedures need to be established?

4. Implementation and Operations

  • How should we integrate security into development and operations?
  • What monitoring and detection capabilities are required?
  • How should we plan for incident response and recovery?

⚙️ Execution Protocol

Phase 1: Session Detection & Initialization

# Detect active workflow session
CHECK: .workflow/.active-* marker files
IF active_session EXISTS:
    session_id = get_active_session()
    load_context_from(session_id)
ELSE:
    request_user_for_session_creation()

Phase 2: Directory Structure Creation

# Create security expert analysis directory
mkdir -p .workflow/WFS-{topic-slug}/.brainstorming/security-expert/

Phase 3: Task Tracking Initialization

Initialize security expert perspective analysis tracking:

[
  {"content": "Initialize security expert brainstorming session", "status": "completed", "activeForm": "Initializing session"},
  {"content": "Conduct threat modeling and risk assessment", "status": "in_progress", "activeForm": "Conducting threat modeling"},
  {"content": "Design security architecture and controls", "status": "pending", "activeForm": "Designing security architecture"},
  {"content": "Evaluate compliance and regulatory requirements", "status": "pending", "activeForm": "Evaluating compliance"},
  {"content": "Plan security implementation and integration", "status": "pending", "activeForm": "Planning implementation"},
  {"content": "Design monitoring and incident response", "status": "pending", "activeForm": "Designing monitoring"},
  {"content": "Generate comprehensive security documentation", "status": "pending", "activeForm": "Generating documentation"}
]

Phase 4: Conceptual Planning Agent Coordination

Task(conceptual-planning-agent): "
Conduct security expert perspective brainstorming for: {topic}

ROLE CONTEXT: Security Expert
- Focus Areas: Threat modeling, security architecture, risk management, compliance
- Analysis Framework: Security-first approach with emphasis on defense-in-depth and risk mitigation
- Success Metrics: Vulnerability reduction, incident prevention, compliance adherence, security maturity

USER CONTEXT: {captured_user_requirements_from_session}

ANALYSIS REQUIREMENTS:
1. Threat Modeling and Risk Assessment
   - Identify potential threat actors and their capabilities
   - Map attack vectors and potential attack paths
   - Analyze system vulnerabilities and exposure points
   - Assess business impact and likelihood of security incidents

2. Security Architecture Design
   - Design authentication and authorization mechanisms
   - Plan encryption and data protection strategies
   - Design network security and access controls
   - Plan security monitoring and logging architecture

3. Application Security Analysis
   - Review secure coding practices and input validation
   - Analyze session management and state security
   - Assess API security and integration points
   - Plan for secure software development lifecycle

4. Infrastructure and Operations Security
   - Design system hardening and configuration management
   - Plan security monitoring and SIEM integration
   - Design incident response and recovery procedures
   - Plan security awareness and training programs

5. Compliance and Regulatory Analysis
   - Identify applicable compliance frameworks (GDPR, SOX, PCI-DSS, etc.)
   - Map security controls to regulatory requirements
   - Plan compliance monitoring and audit procedures
   - Design privacy protection and data handling policies

6. Security Implementation Planning
   - Prioritize security controls based on risk assessment
   - Plan phased security implementation approach
   - Design security testing and validation procedures
   - Plan ongoing security maintenance and updates

OUTPUT REQUIREMENTS: Save comprehensive analysis to:
.workflow/WFS-{topic-slug}/.brainstorming/security-expert/
- analysis.md (main security analysis and threat model)
- security-architecture.md (security controls and defensive measures)
- compliance-plan.md (regulatory compliance and policy framework)
- implementation-guide.md (security implementation and operational procedures)

Apply cybersecurity expertise to create comprehensive security solutions that protect against threats while enabling business objectives."

📊 Output Specification

Output Location

.workflow/WFS-{topic-slug}/.brainstorming/security-expert/
├── analysis.md                 # Primary security analysis and threat modeling
├── security-architecture.md    # Security controls and defensive measures
├── compliance-plan.md          # Regulatory compliance and policy framework
└── implementation-guide.md     # Security implementation and operational procedures

Document Templates

analysis.md Structure

# Security Expert Analysis: {Topic}
*Generated: {timestamp}*

## Executive Summary
[Key security findings and recommendations overview]

## Threat Landscape Assessment
### Threat Actor Analysis
### Attack Vector Identification
### Vulnerability Assessment
### Risk Prioritization Matrix

## Security Requirements Analysis
### Functional Security Requirements
### Compliance and Regulatory Requirements
### Business Continuity Requirements
### Privacy and Data Protection Needs

## Security Architecture Design
### Authentication and Authorization Framework
### Data Protection and Encryption Strategy
### Network Security and Access Controls
### Monitoring and Detection Capabilities

## Risk Management Strategy
### Risk Assessment Methodology
### Risk Mitigation Controls
### Residual Risk Acceptance Criteria
### Continuous Risk Monitoring Plan

## Implementation Security Plan
### Security Control Implementation Priorities
### Security Testing and Validation Approach
### Incident Response and Recovery Procedures
### Security Awareness and Training Program

## Compliance and Governance
### Regulatory Compliance Framework
### Security Policy and Procedure Requirements
### Audit and Assessment Planning
### Governance and Oversight Structure

🔄 Session Integration

Status Synchronization

Upon completion, update workflow-session.json:

{
  "phases": {
    "BRAINSTORM": {
      "security_expert": {
        "status": "completed",
        "completed_at": "timestamp",
        "output_directory": ".workflow/WFS-{topic}/.brainstorming/security-expert/",
        "key_insights": ["threat_model", "security_controls", "compliance_requirements"]
      }
    }
  }
}

Cross-Role Collaboration

Security expert perspective provides:

  • Security Architecture Requirements → System Architect
  • Security Compliance Constraints → Product Manager
  • Secure Interface Design Requirements → UI Designer
  • Data Protection Requirements → Data Architect
  • Security Feature Specifications → Feature Planner

Quality Assurance

Required Security Elements

  • Comprehensive threat model with identified attack vectors and mitigations
  • Security architecture design with layered defensive controls
  • Risk assessment with prioritized mitigation strategies
  • Compliance framework addressing all relevant regulatory requirements
  • Implementation plan with security testing and validation procedures

Security Architecture Principles

  • Defense-in-Depth: Multiple layers of security controls and protective measures
  • Least Privilege: Minimal access rights granted based on need-to-know basis
  • Zero Trust: Verify and validate all access requests regardless of location
  • Security by Design: Security considerations integrated from initial design phase
  • Fail Secure: System failures default to secure state with controlled recovery

Risk Management Standards

  • Threat Coverage: All identified threats have corresponding mitigation controls
  • Risk Tolerance: Security risks align with organizational risk appetite
  • Continuous Monitoring: Ongoing security monitoring and threat detection capabilities
  • Incident Response: Comprehensive incident response and recovery procedures
  • Compliance Adherence: Full compliance with applicable regulatory frameworks

Implementation Readiness

  • Control Effectiveness: Security controls are tested and validated for effectiveness
  • Integration Planning: Security solutions integrate with existing infrastructure
  • Operational Procedures: Clear procedures for security operations and maintenance
  • Training and Awareness: Security awareness programs for all stakeholders
  • Continuous Improvement: Framework for ongoing security assessment and enhancement
Reference in New Issue View Git Blame Copy Permalink