[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"skill-9cda93c0-40ff-4772-a65a-a0535494889e":3,"$fkri_4jHpMHVHFxeZOZH-CiCn202wIYrVdzZgVpvo2cY":43},{"id":4,"title":5,"description":6,"categoryId":7,"moduleId":8,"tags":9,"prompt":10,"icon":11,"source":12,"sourceUrl":13,"authorId":14,"authorName":15,"isPublic":16,"stars":17,"runs":18,"createdAt":19,"updatedAt":19,"module":20,"category":27,"packages":34},"9cda93c0-40ff-4772-a65a-a0535494889e","security-bluebook-builder","构建一个针对敏感应用的最低限度的但真实的网络安全策略。输出为一份单一、连贯的蓝皮书文档，使用MUST\u002FSHOULD\u002FCAN语言，明确假设、范围和安全门。","cat_life_career","mod_other","sickn33,other","---\nname: security-bluebook-builder\ndescription: \"Build a minimal but real security policy for sensitive apps. The output is a single, coherent Blue Book document using MUST\u002FSHOULD\u002FCAN language, with explicit assumptions, scope, and security gates.\"\nrisk: unknown\nsource: community\n---\n\n# Security Bluebook Builder\n\n## When to Use\n- You need a concise but enforceable security policy for an app handling sensitive data.\n- You want a single Blue Book document with explicit assumptions, controls, and go\u002Fno-go gates.\n- The user needs policy guidance grounded in scope, threat model, and operational security defaults rather than generic advice.\n\n## Overview\nBuild a minimal but real security policy for sensitive apps. The output is a single, coherent Blue Book document using MUST\u002FSHOULD\u002FCAN language, with explicit assumptions, scope, and security gates.\n\n## Workflow\n\n### 1) Gather inputs (ask only if missing)\nCollect just enough context to fill the template. If the user has not provided details, ask up to 6 short questions:\n- What data classes are handled (PII, PHI, financial, tokens, content)?\n- What are the trust boundaries (client\u002Fserver\u002Fthird parties)?\n- How do users authenticate (OAuth, email\u002Fpassword, SSO, device sessions)?\n- What storage is used (DB, object storage, logs, analytics)?\n- What connectors or third parties are used?\n- Retention and deletion expectations (default + user-initiated)?\n\nIf the user cannot answer, proceed with safe defaults and mark TODOs.\n\n### 2) Draft the Blue Book\nLoad `references\u002Fbluebook_template.md` and fill it with the provided details. Keep it concise, deterministic, and enforceable.\n\n### 3) Enforce guardrails\n- Do not include secrets, tokens, or internal credentials.\n- If something is unknown, write \"TODO\" plus a clear assumption.\n- Fail closed: if a capability is required but unavailable, call it out explicitly.\n- Keep scope minimal; do not add features or tools beyond what the user asked for.\n\n### 4) Quality checks\nConfirm the Blue Book includes:\n- Threat model (assumptions + out-of-scope)\n- Data classification + handling rules\n- Trust boundaries + controls\n- Auth\u002Fsession policy\n- Token handling policy\n- Logging\u002Faudit policy\n- Retention\u002Fdeletion\n- Incident response mini-runbook\n- Security gates + go\u002Fno-go checklist\n\n## Resources\n- `references\u002Fbluebook_template.md`\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.\n","","imported","https:\u002F\u002Fgithub.com\u002Fsickn33\u002Fantigravity-awesome-skills","user_system_seed","SkillOPIC",true,103,1091,"2026-05-16 13:38:18",{"id":8,"name":21,"slug":22,"icon":23,"description":24,"sort":25,"createdAt":26},"其他","other","mdi-page-next-outline","其他类型Skill",5,"2026-05-16 12:53:40",{"id":7,"name":28,"slug":29,"icon":30,"description":31,"moduleId":8,"sort":32,"skillCount":33,"createdAt":26},"职场发展","career","mdi-briefcase-outline","面试准备、简历优化、职业规划",4,575,[35],{"id":36,"skillId":4,"version":37,"fileName":38,"fileSize":39,"filePath":40,"fileHash":41,"manifest":42,"createdAt":19},"a8da5d81-e24c-4be0-bedd-ef6803209041","1.0.0","security-bluebook-builder.zip",1348,"uploads\u002Fskills\u002F9cda93c0-40ff-4772-a65a-a0535494889e\u002Fsecurity-bluebook-builder.zip","9dbd17cb4bd3bfe8d9966748d18994d056f093a5f8dcfb913296e2e8401cceaf","[{\"path\":\"SKILL.md\",\"isDirectory\":false,\"size\":2655}]",{"code":44,"message":45,"data":46},200,"success",{"items":47,"stats":48,"page":51},[],{"averageRating":49,"totalRatings":49,"ratingCounts":50},0,[49,49,49,49,49],{"limit":52,"offset":49,"hasMore":53,"nextOffset":52,"ratedOnly":16},15,false]