{"aiPlatform":"claude-code@2025.06","category":"security-audit","commandName":"/security-hardening","content":"---\nname: Security Hardening\ndescription: Implement security-first architecture and hardening measures with coordinated agent orchestration\nallowed_tools:\n  - memory          # For tracking security findings and coordination between agents\n  - filesystem      # For implementing security measures, compliance checks, and monitoring\ntags:\n  - security\n  - hardening\n  - compliance\n  - vulnerability-assessment\n  - penetration-testing\n  - monitoring\n  - workflow\ncategory: security\nversion: 2.0.0\nauthor: AI Commands Team\n---\n\nImplement security-first architecture and hardening measures with coordinated agent orchestration:\n\n[Extended thinking: This workflow prioritizes security at every layer of the application stack. Multiple agents work together to identify vulnerabilities, implement secure patterns, and ensure compliance with security best practices.]\n\n## Phase 1: Security Assessment\n\n### 1. Initial Security Audit\n- Use Task tool with subagent_type=\"security-auditor\"\n- Prompt: \"Perform comprehensive security audit on: $ARGUMENTS. Identify vulnerabilities, compliance gaps, and security risks across all components.\"\n- Output: Vulnerability report, risk assessment, compliance gaps\n\n### 2. Architecture Security Review\n- Use Task tool with subagent_type=\"backend-architect\"\n- Prompt: \"Review and redesign architecture for security: $ARGUMENTS. Focus on secure service boundaries, data isolation, and defense in depth. Use findings from security audit.\"\n- Output: Secure architecture design, service isolation strategy, data flow diagrams\n\n## Phase 2: Security Implementation\n\n### 3. Backend Security Hardening\n- Use Task tool with subagent_type=\"backend-architect\"\n- Prompt: \"Implement backend security measures for: $ARGUMENTS. Include authentication, authorization, input validation, and secure data handling based on security audit findings.\"\n- Output: Secure API implementations, auth middleware, validation layers\n\n### 4. Infrastructure Security\n- Use Task tool with subagent_type=\"devops-troubleshooter\"\n- Prompt: \"Implement infrastructure security for: $ARGUMENTS. Configure firewalls, secure secrets management, implement least privilege access, and set up security monitoring.\"\n- Output: Infrastructure security configs, secrets management, monitoring setup\n\n### 5. Frontend Security\n- Use Task tool with subagent_type=\"frontend-developer\"\n- Prompt: \"Implement frontend security measures for: $ARGUMENTS. Include CSP headers, XSS prevention, secure authentication flows, and sensitive data handling.\"\n- Output: Secure frontend code, CSP policies, auth integration\n\n## Phase 3: Compliance and Testing\n\n### 6. Compliance Verification\n- Use Task tool with subagent_type=\"security-auditor\"\n- Prompt: \"Verify compliance with security standards for: $ARGUMENTS. Check OWASP Top 10, GDPR, SOC2, or other relevant standards. Validate all security implementations.\"\n- Output: Compliance report, remediation requirements\n\n### 7. Security Testing\n- Use Task tool with subagent_type=\"test-automator\"\n- Prompt: \"Create security test suites for: $ARGUMENTS. Include penetration tests, security regression tests, and automated vulnerability scanning.\"\n- Output: Security test suite, penetration test results, CI/CD integration\n\n## Phase 4: Deployment and Monitoring\n\n### 8. Secure Deployment\n- Use Task tool with subagent_type=\"deployment-engineer\"\n- Prompt: \"Implement secure deployment pipeline for: $ARGUMENTS. Include security gates, vulnerability scanning in CI/CD, and secure configuration management.\"\n- Output: Secure CI/CD pipeline, deployment security checks, rollback procedures\n\n### 9. Security Monitoring Setup\n- Use Task tool with subagent_type=\"devops-troubleshooter\"\n- Prompt: \"Set up security monitoring and incident response for: $ARGUMENTS. Include intrusion detection, log analysis, and automated alerting.\"\n- Output: Security monitoring dashboards, alert rules, incident response procedures\n\n## Coordination Notes\n- Security findings from each phase inform subsequent implementations\n- All agents must prioritize security in their recommendations\n- Regular security reviews between phases ensure nothing is missed\n- Document all security decisions and trade-offs\n\nSecurity hardening target: $ARGUMENTS","contentHash":"aa752136b5cdef17d9299d6fea2d7c88a714dfe705fe8f351615431a994707ce","copies":0,"createdAt":"2025-08-12T16:09:34.109Z","description":"Security-first implementation with specialized subagents","github":{"repoUrl":"https://github.com/Commands-com/commands","lastSyncDirection":"from-github","metadata":{"importedFrom":"github_repository","repoPrivate":false,"repoDefaultBranch":"main","connectedAt":"2025-08-12T16:09:34.109Z"},"importedAt":"2025-08-12T16:09:34.109Z","lastSyncAt":"2025-08-17T17:57:45.750Z","fileMapping":{"license":null,"readme":null,"assets":[],"mainFile":"workflows/security-hardening.md"},"selectedCommand":"security-hardening","fileShas":{"mainFile":"941985335832b7f1146bef7f4e0adb974fbd32db","yamlPath":"313647b1fb381389da33b7913e95baf617c4b392"},"branch":"main","connectionType":"commands_yaml","connected":true,"lastSyncCommit":"01591bc061d236bde47bf23b0f47e8afcf1a5144","importSource":"repository_import","installationId":"69232615","syncStatus":"synced"},"githubRepoUrl":"https://github.com/Commands-com/commands","id":"bd3e1766-3982-4ec0-90da-83d304f4ecee","inputParameters":[{"defaultValue":"owasp","name":"security_standard","options":["owasp","nist","iso27001","pci-dss","hipaa","sox"],"description":"Security standard to follow","label":"Security Standard","type":"select","required":false},{"defaultValue":"stride","name":"threat_model","options":["stride","pasta","attack-trees","kill-chain","mitre-attack"],"description":"Threat modeling approach","label":"Threat Model","type":"select","required":false}],"instructions":"Security-first implementation with specialized subagents","likes":0,"mcp_search_content":"","organizationUsername":"commands-com","price":"free","search_content":"security hardening security-first implementation with specialized subagents /security-hardening security-audit claude-code@2025.06","title":"Security Hardening","type":"command","updatedAt":"2025-08-17T17:57:45.750Z","userId":"W0V8NAw5AhWRwcuwSoFLOi1Yem83","visibility":"public","name":"security-hardening","userInteraction":{"userHasStarred":false}}