mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-02-15 19:03:22 +08:00
261332dc50
Add complete .cursor/ directory with rules, agents, skills, commands, and MCP config adapted for Cursor's format. This makes ecc-universal a truly cross-IDE package supporting Claude Code, Cursor, and OpenCode. - 27 rule files with YAML frontmatter (description, globs, alwaysApply) - 13 agent files with full model IDs and readonly flags - 30 skill directories (identical Agent Skills standard, no translation) - 31 command files (5 multi-* stubbed for missing codeagent-wrapper) - MCP config with Cursor env interpolation syntax - README.md and MIGRATION.md documentation - install.sh --target cursor flag for project-scoped installation - package.json updated with .cursor/ in files and cursor keywords
981 B
981 B
description, alwaysApply
| description | alwaysApply |
|---|---|
| Mandatory security checks, secret management, and security response protocol | true |
Security Guidelines
Mandatory Security Checks
Before ANY commit:
- No hardcoded secrets (API keys, passwords, tokens)
- All user inputs validated
- SQL injection prevention (parameterized queries)
- XSS prevention (sanitized HTML)
- CSRF protection enabled
- Authentication/authorization verified
- Rate limiting on all endpoints
- Error messages don't leak sensitive data
Secret Management
- NEVER hardcode secrets in source code
- ALWAYS use environment variables or a secret manager
- Validate that required secrets are present at startup
- Rotate any secrets that may have been exposed
Security Response Protocol
If security issue found:
- STOP immediately
- Use security-reviewer agent
- Fix CRITICAL issues before continuing
- Rotate any exposed secrets
- Review entire codebase for similar issues