AI Security · June 15, 2026

Security skills should be cascaded, not copied into one giant prompt

AI coding agents are getting better at implementation, but security guidance is often still delivered as a long block of generic instructions. That does not scale well.

A giant security prompt has two problems. First, it spends context on guidance that may not apply. Second, it becomes difficult to edit and audit because every concern is mixed together: auth, input handling, dependencies, cloud deployment, secret exposure, and prompt injection all compete for attention.

We built secure-code-skill-cascade around a different shape: a small root skill plus focused modules that load only when relevant.

The cascade

The root skill gives the agent the operating rule: find the security-sensitive surface, load only the relevant modules, patch narrowly, test the exploit path, and report residual risk. The detailed checks live in editable modules.

Mermaid-rendered diagram showing a user task flowing into the secure-code root skill, then conditional OWASP, ASVS, CWE, auth, input, data, dependency, cloud, and AI-agent security modules, ending in patch, test, and residual risk output. — The root skill stays small; focused modules load only when the task touches that risk surface.

OWASP and ASVS modules for broad web and API verification.
CWE and input/output modules for implementation weakness checks.
Auth, session, data, and secrets modules for trust-boundary work.
Dependency and cloud modules for supply-chain and deployment review.
An AI-agent security module for prompt injection, tool permissions, and data exfiltration risks.
A verification module that forces tests, acceptance checks, and honest residual-risk language.

Why this is easier to trust

Modular security prompts are easier to review. If an auth rule is weak, update the auth module. If a new cloud deployment pattern matters, update the cloud module. If an agent workflow starts reading untrusted web pages, load the AI-agent module instead of asking every task to carry every rule.

The project also includes scenarios and vulnerable patch demos. That matters because a security skill should not only sound right. It should demonstrate how it selects modules and what kind of issue it is expected to catch.

What we released

The first release includes a real Codex skill, a portable Markdown bundle, ten security modules, five scenario fixtures, six vulnerable patch demos, validation scripts, and tests.

npm test
node scripts/compose.mjs --scenario web-api-auth
node scripts/compose.mjs --scenario ai-agent-tooling

The source is available at github.com/mirogate/secure-code-skill-cascade.

This is not a vulnerability scanner or a compliance claim. It is a practical skill architecture for making AI-assisted secure coding more inspectable, editable, and testable.