Security And Secure-By-Design¶
Purpose: keep data, permissions, secrets, production actions, and high-stakes decisions inside the right controls.
Use this section by itself whenever agent-assisted work touches sensitive data, regulated workflows, production systems, or high-stakes decisions.
Inputs¶
- Data classification.
- Tool permissions.
- Secret-management rules.
- Repository and environment boundaries.
- Required reviewers.
- High-stakes or regulated constraints.
Outputs¶
- Permission model.
- Sensitive-data handling rules.
- High-stakes review gate.
- Role matrix.
- Audit event list.
- Threat notes.
- Security and privacy questions.
- Local reviewer list.
Agent Task Contract¶
Review the plan for data exposure, prompt safety, permission risk, production access, and high-stakes escalation.
Help update permission models, sensitive-data rules, high-stakes review gates, and reviewer lists when scope or access changes. Keep human review and acceptance explicit.
Do not approve security acceptance, legal acceptance, compliance acceptance, or production release.