Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

dtsong/hw-security-signoff

Name: hw-security-signoff
Author: dtsong

skills/council/forge/hw-security-signoff/SKILL.md

npx skillsauth add dtsong/my-claude-setup hw-security-signoff

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

HW Security Sign-Off

Purpose

Define the handoff contract between Foundry (builder) and Forge (security auditor) for hardware security sign-off. Ensure all security-critical design artifacts are delivered, reviewed, and approved before tape-out commitment.

Scope Constraints

Coordinates the handoff process between builder and auditor roles. Does not perform the security review itself (delegates to rtl-security-review, microarch-analysis, physical-design-security). Does not modify design files.

Inputs

Design name and tape-out target date
Security-critical modules identified by Foundry
Trust boundary definitions
Threat model (if available) or threat categories in scope
Any prior security review findings

Input Sanitization

No user-provided values are used in commands or file paths. All inputs are treated as read-only analysis targets.

Procedure

Progress Checklist

[ ] Step 1: Verify builder artifact delivery
[ ] Step 2: Validate security scope agreement
[ ] Step 3: Coordinate security reviews
[ ] Step 4: Track finding resolution
[ ] Step 5: Issue sign-off decision

Step 1: Verify Builder Artifact Delivery

Foundry must deliver the following before security review begins:

[ ] RTL source for all security-critical modules (final, synthesis-ready)
[ ] Security-critical module list with trust boundary annotations
[ ] Register map with access control policy per register
[ ] FSM state diagrams for security-relevant state machines
[ ] Clock domain crossing report
[ ] DFT/scan chain documentation (which chains touch security logic)
[ ] Debug interface specification (JTAG, trace ports)
[ ] Known limitations or accepted risks documented

Reject handoff if any artifact is missing. Document gaps and return to Foundry.

Step 2: Validate Security Scope Agreement

Confirm threat categories in scope (side-channel, fault injection, logical bypass, debug access).
Agree on security-critical module boundaries (which modules are in-scope for full review).
Define review depth per module: full RTL review, interface-only, or documentation review.
Set severity classification: critical (blocks tape-out), high (requires mitigation plan), medium (accept with justification), low (track).
Confirm timeline and review capacity.

Step 3: Coordinate Security Reviews

Dispatch to Forge specialist skills based on scope:

rtl-security-review: Access control gates, FSM transitions, information leakage for all in-scope modules.
microarch-analysis: Speculative execution, cache timing, branch predictor attacks if CPU/core is in scope.
physical-design-security: Power domain isolation, clock domain security, layout-level leakage if physical design is available.

Track review progress per module and per skill.

Step 4: Track Finding Resolution

Maintain finding tracker with: ID, module, category, severity, status, owner, target date.
For each critical finding: Foundry implements fix, Forge re-reviews.
For each high finding: Foundry provides mitigation plan, Forge approves plan.
For each medium finding: Foundry documents accepted risk with justification.
Verify all critical findings are resolved before sign-off.

Step 5: Issue Sign-Off Decision

Approved: All critical/high findings resolved, no open blockers.
Conditional approval: All critical resolved, high findings have approved mitigation plans with committed timelines.
Blocked: Open critical findings or unresolved high findings without mitigation plans.

Document decision with: reviewer, date, scope covered, open items (if conditional), and next review trigger.

Compaction resilience: If context was lost, re-read the Inputs section for the design under review, check the Progress Checklist, then resume from the earliest incomplete step.

Output Format

Sign-Off Summary

| Field | Value | |-------|-------| | Design | ... | | Reviewer | Forge | | Date | ... | | Decision | Approved / Conditional / Blocked | | Scope | Modules A, B, C | | Open items | ... |

Finding Tracker

| ID | Module | Category | Severity | Status | Owner | |----|--------|----------|----------|--------|-------| | F1 | access_ctrl | Bypass | Critical | Fixed | Foundry | | F2 | debug_if | Leakage | High | Mitigated | Foundry |

Handoff

Hand off to forge/rtl-security-review for detailed RTL security analysis.
Hand off to forge/microarch-analysis for microarchitectural attack surface review.
Hand off to foundry/chip-design-flow for design fixes required by findings.

Quality Checks

[ ] All builder artifacts delivered and complete
[ ] Security scope and threat categories agreed
[ ] All security-critical modules reviewed by appropriate Forge skill
[ ] All critical findings resolved
[ ] All high findings resolved or have approved mitigation plans
[ ] Sign-off decision documented with scope and conditions

Evolution Notes

dtsong/hw-security-signoff

skills/council/forge/hw-security-signoff/SKILL.md

Use when a hardware design needs security sign-off before tape-out. Defines the builder-to-auditor handoff contract between Foundry (constructive design) and Forge (security review). Covers security review prerequisites, artifact checklist, sign-off criteria, and conditional approval workflow. Do not use for RTL security review itself (use rtl-security-review) or design flow guidance (use foundry/chip-design-flow).

4 stars

development

Updated Apr 26, 2026

$ install --global

skillsauth

npx skillsauth add dtsong/my-claude-setup hw-security-signoff

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 26, 2026, 4:11 AM50.1s1 file scanned

SKILL.md

name:: hw-security-signoff
department:: forge
description:: Use when a hardware design needs security sign-off before tape-out. Defines the builder-to-auditor handoff contract between Foundry (constructive design) and Forge (security review). Covers security review prerequisites, artifact checklist, sign-off criteria, and conditional approval workflow. Do not use for RTL security review itself (use rtl-security-review) or design flow guidance (use foundry/chip-design-flow).
version:: 1

HW Security Sign-Off

Purpose

Scope Constraints

Inputs

Design name and tape-out target date
Security-critical modules identified by Foundry
Trust boundary definitions
Threat model (if available) or threat categories in scope
Any prior security review findings

Input Sanitization

No user-provided values are used in commands or file paths. All inputs are treated as read-only analysis targets.

Procedure

Progress Checklist

[ ] Step 1: Verify builder artifact delivery
[ ] Step 2: Validate security scope agreement
[ ] Step 3: Coordinate security reviews
[ ] Step 4: Track finding resolution
[ ] Step 5: Issue sign-off decision

Step 1: Verify Builder Artifact Delivery

Foundry must deliver the following before security review begins:

[ ] RTL source for all security-critical modules (final, synthesis-ready)
[ ] Security-critical module list with trust boundary annotations
[ ] Register map with access control policy per register
[ ] FSM state diagrams for security-relevant state machines
[ ] Clock domain crossing report
[ ] DFT/scan chain documentation (which chains touch security logic)
[ ] Debug interface specification (JTAG, trace ports)
[ ] Known limitations or accepted risks documented

Reject handoff if any artifact is missing. Document gaps and return to Foundry.

Step 2: Validate Security Scope Agreement

Confirm threat categories in scope (side-channel, fault injection, logical bypass, debug access).
Agree on security-critical module boundaries (which modules are in-scope for full review).
Define review depth per module: full RTL review, interface-only, or documentation review.
Set severity classification: critical (blocks tape-out), high (requires mitigation plan), medium (accept with justification), low (track).
Confirm timeline and review capacity.

Step 3: Coordinate Security Reviews

Dispatch to Forge specialist skills based on scope:

rtl-security-review: Access control gates, FSM transitions, information leakage for all in-scope modules.
microarch-analysis: Speculative execution, cache timing, branch predictor attacks if CPU/core is in scope.
physical-design-security: Power domain isolation, clock domain security, layout-level leakage if physical design is available.

Track review progress per module and per skill.

Step 4: Track Finding Resolution

Maintain finding tracker with: ID, module, category, severity, status, owner, target date.
For each critical finding: Foundry implements fix, Forge re-reviews.
For each high finding: Foundry provides mitigation plan, Forge approves plan.
For each medium finding: Foundry documents accepted risk with justification.
Verify all critical findings are resolved before sign-off.

Step 5: Issue Sign-Off Decision

Approved: All critical/high findings resolved, no open blockers.
Conditional approval: All critical resolved, high findings have approved mitigation plans with committed timelines.
Blocked: Open critical findings or unresolved high findings without mitigation plans.

Document decision with: reviewer, date, scope covered, open items (if conditional), and next review trigger.

Compaction resilience: If context was lost, re-read the Inputs section for the design under review, check the Progress Checklist, then resume from the earliest incomplete step.

Output Format

Sign-Off Summary

| Field | Value | |-------|-------| | Design | ... | | Reviewer | Forge | | Date | ... | | Decision | Approved / Conditional / Blocked | | Scope | Modules A, B, C | | Open items | ... |

Finding Tracker

Handoff

Hand off to forge/rtl-security-review for detailed RTL security analysis.
Hand off to forge/microarch-analysis for microarchitectural attack surface review.
Hand off to foundry/chip-design-flow for design fixes required by findings.

Quality Checks

[ ] All builder artifacts delivered and complete
[ ] Security scope and threat categories agreed
[ ] All security-critical modules reviewed by appropriate Forge skill
[ ] All critical findings resolved
[ ] All high findings resolved or have approved mitigation plans
[ ] Sign-off decision documented with scope and conditions

Evolution Notes

Related Skills

dtsong/workflow

development

VerifiedTrustedCommunity

Use when planning implementation steps, deciding commit format, or structuring development approach. Provides brainstorm-plan-implement flow with conventional commits. Triggers on 'how should I approach this', 'commit format'.

4SKILL.mdUpdated Apr 28, 2026

dtsong/web-security-hardening

development

VerifiedTrustedCommunity

Security audit checklist for web applications. Use when reviewing, auditing, or hardening a web app's security posture. Covers rate limiting, auth headers, IP blocking, CORS, security middleware, input validation, file upload limits, ORM usage, and password hashing. Triggers on requests like "review security", "harden this app", "security audit", "check for vulnerabilities", or when building/reviewing API endpoints.

4SKILL.mdUpdated Apr 28, 2026

dtsong/web-security-hardening

dtsong/web-design-guidelines

development

VerifiedTrustedCommunity

Review UI code for Web Interface Guidelines compliance. Use when asked to "review my UI", "check accessibility", "audit design", "review UX", or "check my site against best practices".

4SKILL.mdUpdated Apr 28, 2026

dtsong/web-design-guidelines

dtsong/vercel-react-best-practices

development

VerifiedTrustedCommunity

React and Next.js performance optimization guidelines from Vercel Engineering. This skill should be used when writing, reviewing, or refactoring React/Next.js code to ensure optimal performance patterns. Triggers on tasks involving React components, Next.js pages, data fetching, bundle optimization, or performance improvements.

4SKILL.mdUpdated Apr 28, 2026

dtsong/vercel-react-best-practices

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/dtsong/my-claude-setup.git

# Copy into Claude Code skills folder (global)
cp -r my-claude-setup/skills/council/forge/hw-security-signoff ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

dtsong/my-claude-setup

4 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT