# Security Patterns

A focused security checklist for AI-assisted code review.

## Philosophy

Models already know *what* SQL injection or XSS are. What they need is a checklist to ensure nothing is missed during review. This repo provides that checklist, not tutorials.

## Usage

The `SECURITY-CHECKLIST.md` file is designed to be loaded as context for a security-focused code reviewer. Point your review bot's `patterns-files` at this repo.

## Contents

- `SECURITY-CHECKLIST.md` - The review checklist covering:
  - Input & Validation
  - Authentication & Sessions
  - Authorization
  - Secrets & Credentials
  - Request Handling
  - Response & Headers
  - Concurrency & State
  - File Operations
  - Logging & Audit
  - Dependencies & Supply Chain
  - AI/LLM Specific

## Integration

```yaml
# In your review workflow
patterns-repo: rodin/security-patterns
patterns-files: '.'
```

## License

MIT