wave-ctx-security
Domain context for Three-layer defense system — permission enforcement (deny-first tool access control), input sanitization (prompt injection detection, risk scoring), path validation (traversal prevention, symlink rejection, Unicode homograph detection), sandbox isolation (Docker with full hardening, bubblewrap via Nix), credential scrubbing in audit logs, and curated subprocess environments.
Installation and usage
Domain context for Three-layer defense system — permission enforcement (deny-first tool access control), input sanitization (prompt injection detection, risk scoring), path validation (traversal prevention, symlink rejection, Unicode homograph detection), sandbox isolation (Docker with full hardening, bubblewrap via Nix), credential scrubbing in audit logs, and curated subprocess environments.
Once installed, you can use this skill by running the following command in your terminal:
skills use wave-ctx-security